On Sun, 08 Jun 2003 16:41:49 -0600
FemmeFatale <[EMAIL PROTECTED]> uttered:
> This ofc assumes I'm correct. I also assume a spoofed IP addy from a
> script kiddy.
yup, you missed my reply to myself! it's code red in all its glory...
--
Joehill
Registered Linux user #282046
Homepage: http:/
At 11:45 AM 6/8/2003 -0400, you wrote:
I see the usual attempts at running windows scripts, but one thing
stumps me. I see this occasionally as well, from different addresses
on the same subnet as me (64.x.x.x):
64.229.89.4 - - [07/Jun/2003:23:59:37 -0400] "GET
/default.ida?
http://www.apacheweek.com/features/codered
Some stupid worm. Nothing to be concerned about, if you're running
apache. At least if you don't need to administer the stations where the
requests come from :-)
Steven
On Sun, 2003-06-08 at 17:45, JoeHill wrote:
> On 08 Jun 2003 00:13:48 +0200
> Stev
On 08 Jun 2003 00:13:48 +0200
Steven Broos <[EMAIL PROTECTED]> uttered:
> On Sat, 2003-06-07 at 23:28, JoeHill wrote:
ah, ignore my immediately previous question. I found it, it's Code Red
trying to spoof. Pt, keep trying bud...LOL.
--
Joehill
Registered Linux user #282046
Homepage:
On 08 Jun 2003 00:13:48 +0200
Steven Broos <[EMAIL PROTECTED]> uttered:
>
> Then you can disable PHP easily if you really want to, and let a
> script create a HTML-file which contains the uptime.
ah, I'm not that concerned. it's just:
I see the usual attempts at running windows scripts, but o
I think it's a little bit paranoia to say you may not run PHP. I find
it weird CGI is OK, but PHP isn't... Both are dangerous for your system
when they are not administered well.
Apache has one parent-instance owned by root. The child-rpocesses are
run from the account you specified. I wouldn'
I read the "Seven Deadly Sins" of Linux security, and one item concerns
me:
"On Toxen's "don'ts" list: Don't use PHP, even though it's convenient.
Don't run DNS, auth (ident) or Apache as root. But, do use suEXEC, a
tool first introduced in Apache 1.2, that increases security by allowing
users to
Hi,
Once again, thanks to those who got me straightened out on
installing/updating RPM's.
Now I've gotten Apache 1.3.27 installed on Mandrake 9.0. Just curious how
secure it is considered "out of the box."
I've seen quite a few Nimda and Code Red hits against it- obviously
unsuccessfully. But