Voytek Eymont wrote:
sure, what I'm suggesting will not stop a serious attempt to exploit a
hole, but, it should deflect such a script
This is probably correct, renaming Perl may deflect scripts which rely on perl
being easily found. However, patching the hole and securing your system is
li
On 28/12/06, Voytek Eymont <[EMAIL PROTECTED]> wrote:
I feel this is like moving ssh to a non-stand port, a small measure to
reduce exposure.
I actually did this mostly to keep the system logs much cleaner (especially
with Apache). In any case it still requires a password to use ssh.
lastly,
On Thu, December 28, 2006 4:25 pm, Erik de Castro Lopo wrote:
>> perhaps, but, it certainly would have prevented two infiltration I had
>> in the last few month
>
> I *REALLY* honestly don't think so. Once somebody is in they will
> use a Perl script. If Perl isn't installed they will do somethin
Voytek Eymont wrote:
>
> On Thu, December 28, 2006 10:37 am, Penedo wrote:
> > On 28/12/06, Voytek Eymont <[EMAIL PROTECTED]> wrote:
>
> > I suspect you are looking at this in the wrong way - try to contain the
> > CMS
> > systems (e.g. maybe run them under a limited user and chroot or some othe
On 28/12/06, Voytek Eymont <[EMAIL PROTECTED]> wrote:
On Thu, December 28, 2006 10:37 am, Penedo wrote:
> On 28/12/06, Voytek Eymont <[EMAIL PROTECTED]> wrote:
> I suspect you are looking at this in the wrong way - try to contain the
> CMS
> systems (e.g. maybe run them under a limited user an
On Thu, December 28, 2006 10:37 am, Penedo wrote:
> On 28/12/06, Voytek Eymont <[EMAIL PROTECTED]> wrote:
> I suspect you are looking at this in the wrong way - try to contain the
> CMS
> systems (e.g. maybe run them under a limited user and chroot or some other
> segregated environment) instead
It appears that the vulnerability is with a particular CMS. Now the
example they have given is perl, the problem is that you can
potentially execute anything through the exploit, security through
obscurity is not absolute I generally leave obscurity to the birds,
you need to ensure your mac
On 28/12/06, Voytek Eymont <[EMAIL PROTECTED]> wrote:
what do I need Perl on my server, apart from stuff I've added, like,
amavisd or popb4smtp ??
If you had a Debian system then you could tell exactly which package
declares dependency on perl.
Debian's perl-base package is declared as "Prio
what do I need Perl on my server, apart from stuff I've added, like,
amavisd or popb4smtp ??
as far as I can tell, many/most/some of the infiltrations done through say
CMS vulnerabilities execute like 'perl sometext'
if I was to rename perl to 'something_totally_different', and, edited
amavis/po