Please join us at Maker Bench in Tempe for our first presentation at the new
location on *Linux Attack Vectors*. As always this is a full-duplex linux
event with welcome participation from Linux Community. We will follow up
with hands on analysis of individual machines, so bring anything with a
For Drupal you can look at their docsĀ
http://drupal.org/security/secure-configuration
Keith Smith
--- On Tue, 6/14/11, Steve Phariss wrote:
From: Steve Phariss
Subject: securing a system
To: "Main PLUG discussion list"
Date: Tuesday, June 14, 2011, 1
On Wed, Jun 15, 2011 at 9:16 AM, Steve Phariss wrote:
> Hi Lisa,
>
> This post was just the very basics. There will be several of us looking at
> the attack vector and logs. There are things I will not have control over
> and I have let my concerns (many of them you mentioned, it's good to know
Mod_security can, in and of itself, be easily DoS'd. You better know what
you are doing with your recipes.
We are just stabbing at things, until you run a Rapid 7 Nexpose Community
scan to see things like WebDAV (which are trivially pwn'd via Metasploit)
you won't know what the issues are.
You c
Hi Lisa,
This post was just the very basics. There will be several of us looking at
the attack vector and logs. There are things I will not have control over
and I have let my concerns (many of them you mentioned, it's good to know I
am on the right track )be known to the hiring company. Good
Hi Steve!
I would be very careful about specifics to a list; especially if you plan to
later advertise you work there.
Using another name or alias for security questions is generally best.
See my suggestions below.
On Tue, Jun 14, 2011 at 10:41 PM, Steve Phariss wrote:
> I may have a job putt
Be sure to install mod_security on Apache; it helps a lot.
It is important to know how it got compromised so that you don't move that
to the new system. Common methods are sql injection and using pages with
poor input validation to run external code. I don't know how big your
databases are but it
I may have a job putting a compramised system back into production (actually
we are moving them from Ubuntu to a RHEL VM...)
I am still lacking some details but they are running apache, Mysql AND
Postgres, Drupal, and something called *Mason*-*CM. I am not sure why the
two DBs but if there is no