On Mon, Mar 13, 2006 at 09:02:13AM +0200, Enver ALTIN wrote:
> If you have to leave some writable folders for Apache user, say, /tmp,
> moving /tmp to another partition/filesystem and mounting it with
> "noexec" option would prevent most harm /any/ PHP script can cause.
Not true.
Several o
Hi,
Florian Reitmeir wrote:
I had a similar encounter about 2 months ago. The intruder exploited a
PHP script that was poorly written. If you check your http access logs,
you will most likely find an entry about the PHP that is been exploited.
Once you find the offending PHP script, you can ei
> I had a similar encounter about 2 months ago. The intruder exploited a
> PHP script that was poorly written. If you check your http access logs,
> you will most likely find an entry about the PHP that is been exploited.
> Once you find the offending PHP script, you can either remove it or
>
At 1141730613, Petter Senften wrote:
> Recently I've noticed that my Apache-installation gets
> violated and that an intruder somehow manages to put stuff
> in /tmp and /var/tmp. Then it makes Apache execute these.
Do you have mod_cgi installed and activated? If you are not
using it, disable it.
This one time, at band camp, Josep Serrano said:
> Hello Petter
>
> We still don't know for what do you use your apache. Most of the problems
> come from
> poor PHP scripts. What scripts/services are you running in this server?
I strongly suggest this as the source of your problems. In my
exper
On Tue, Mar 07, 2006 at 12:37:42PM +0100, Ismail wrote:
> >>Recently I've noticed that my Apache-installation gets violated and that
> >>an intruder somehow manages to put stuff in /tmp and /var/tmp. Then it
> >>makes Apache execute these. Unfortunately these are some rather nasty
> >>things, mostl
Please keep the posts in the debian-security list only!
I apologize. It happens because I did cross post in both lists in the first
place.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Hi
I'm not completely new to Debian or Linux, but I wouldn't classify
myself as a battlescarred sysadmin just yet :)
Anyways. My problem is security-related, and I hope that I'm posting to
the correct list as well as hoping that someone can help me out here.
Recently I've noticed that my Apac
Hello Petter
The actual list for security issues is debian-security. The address of this
list its
on the CC. We can now leave debian-user and switch our discussion into
debian-security.
This is quite hole! Can't believe there's such a big spot in Apache / Sarge and
we
didn't heard of it. Can yo
9 matches
Mail list logo
