On 2006-01-24 08:46:24 +1000, Michael Mansour wrote:
More generally, I read advice somewhere that mounting /tmp with the
noexec option (and making any other temp directories symbolic
links to that one) can make this type of attack much more difficult.
This doesn't really prevent execution
Hi Peter,
On 2006-01-24 08:46:24 +1000, Michael Mansour wrote:
More generally, I read advice somewhere that mounting /tmp with the
noexec option (and making any other temp directories symbolic
links to that one) can make this type of attack much more difficult.
This doesn't really
On 2006-01-24 22:13:26 +1000, Michael Mansour wrote:
Hi Peter,
On 2006-01-24 08:46:24 +1000, Michael Mansour wrote:
Definately noted as one of the measures to stop this type of attack, but
for
this particular server, /tmp is not a mounted filesystem but part of /,
so I
can't
Michael Mansour wrote:
Hi Marc,
On Tue, 2006-01-24 at 08:42 +1000, Michael Mansour wrote:
No I'm not sure. Reading through the link above, it does seem that you've hit
the nail on the head with this one. I have two other FC1 machines and they
weren't affected by Slapper (even when
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jesse Keating wrote:
On Mon, 2006-01-23 at 17:11 -0500, James Kosin wrote:
My version takes care of the mod_ssl issue he already disabled. FC1
doesn't have a fix or if so it hasn't gone through QA yet.
Do you have a CVE for the ssl issue? I'd
James Kosin wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jesse Keating wrote:
On Mon, 2006-01-23 at 17:11 -0500, James Kosin wrote:
My version takes care of the mod_ssl issue he already disabled. FC1
doesn't have a fix or if so it hasn't gone through QA yet.
Do you have a CVE
On Tuesday 24 January 2006 13:08, Mike McCarty wrote:
I'm a little shocked at this, frankly. I Googled around, and
found mentions of the Slapper going back to 2002. Why is it that
this exploit (and variations of it) haven't all been stamped
out years ago?
Read the link I posted yesterday,
On Tue, 2006-01-24 at 13:20 -0600, Mike Klinke wrote:
On Tuesday 24 January 2006 13:08, Mike McCarty wrote:
I'm a little shocked at this, frankly. I Googled around, and
found mentions of the Slapper going back to 2002. Why is it that
this exploit (and variations of it) haven't all been
Mike McCarty wrote:
Gene Heskett wrote:
On Tuesday 24 January 2006 14:20, Mike Klinke wrote:
On Tuesday 24 January 2006 13:08, Mike McCarty wrote:
I'm a little shocked at this, frankly. I Googled around, and
found mentions of the Slapper going back to 2002. Why is it that
this exploit (and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mike McCarty wrote:
--snip--
$ ps -A | grep pache
$ ps -A | grep ssl
doesn't show anything, so Apache isn't running, and I guess
SSL isn't either.
Mike
Mike,
ps -A | grep httpd /* Apache is only the name of the server
Hi Mike,
You should do a netstat -na | grep SYN, if you see alot of those then
slapper is there DOS attacking people.
$ netstat -na | grep SYN
$
Thanks for the advice. But, as I am behind a stealth firewall,
I feel relatively secured against *this* type of attack.
Umm, what does
On Tuesday 24 January 2006 14:00, Gene Heskett wrote:
If this file mentioned on the site doesn't exist on any of my
systems, is it safe to assume relative safety against this
attack?
As Michael Mansour discovered, he had this file on only one of three
FC1 machines after he installed Drupal,
-
Fedora Legacy Test Update Notification
FEDORALEGACY-2005-158543
Bugzilla https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=158543
2006-01-24
-
Name:
that's a coincidence...
just today when i checked the apache server-status page i notice that some
host was scanning several sites randomly trying to find a xmlrpc.php in
different apparently pre defined locations.
i was aware of the xmlrpc bug in pear and already checked if it was on my
On Tuesday 24 January 2006 15:18, Mike McCarty wrote:
Gene Heskett wrote:
On Tuesday 24 January 2006 14:20, Mike Klinke wrote:
On Tuesday 24 January 2006 13:08, Mike McCarty wrote:
I'm a little shocked at this, frankly. I Googled around, and
found mentions of the Slapper going back to 2002. Why
On Tuesday 24 January 2006 15:29, Mike McCarty wrote:
Mike McCarty wrote:
Gene Heskett wrote:
On Tuesday 24 January 2006 14:20, Mike Klinke wrote:
On Tuesday 24 January 2006 13:08, Mike McCarty wrote:
I'm a little shocked at this, frankly. I Googled around, and
found mentions of the Slapper
16 matches
Mail list logo