On Thu, 28 Sep 2006 08:33:47 +1000 (EST) "Voytek Eymont" <[EMAIL PROTECTED]> wrote:
> Eric, Who's this Eric guy? :-) > I guess I meant 'single-purpose utilities that can be easily expoited like > so' : > > 'some_app file_url' > > through a web server vulnerability to easily deposit exploits In Perl, Python and Ruby writing a simple app that does what wget does is no more than 10 lines of really trivial code. > I'm guessing that if I do NOT have wget/curl/lynx/links available, next > time a cms has such an expoitable hole, I'll reduce my exposure, no ?? No. it won't. You need to run this in a chroot jail or a User Mode Linux or something like that. > if I remove or rename wget/curl/lynx/links from my server, apart from > ocassional inconvience to me, that won't cause me issues ? Its goes such a small way to solving the problem that its probably not worth it. You would be better off making sure your machine is running a current version of your chosen distro (what are you running btw?) and then exploring chroot/UML/Xen/whatever solutions. Erik +-----------------------------------------------------------+ Erik de Castro Lopo +-----------------------------------------------------------+ Microsoft is finally bringing all of its Windows operating system families under one roof. It will combine all of the features of CE, stability and support of ME and the speed of NT. It will be called Windows CEMENT... -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
