This one time, at band camp, Voytek Eymont wrote:
>
>On Wed, September 27, 2006 9:15 pm, Erik de Castro Lopo wrote:
>
>>> apart from wget and curl, what else can be used to download illicit
>>> files to a web server ?
>>
>> Python, Perl, Ruby, C, Haskell, Ocaml. In fact any programming language.
>> Also programs like lynx.
>
>Erik,
>
>I guess I meant 'single-purpose utilities that can be easily exploited like
>so' :
>
>'some_app file_url'
>
>through a web server vulnerability to easily deposit exploits
>
>I'm guessing that if I do NOT have wget/curl/lynx/links available, next
>time a cms has such an exploitable hole, I'll reduce my exposure, no ??

perl -MLWP -e 'GET url'

or somesuch :)  You want to remove perl too?

Configuring apache to run the potentially vulnerable code in a security
domain with minimum rights is going to let you sleep better than removing
random tools.

Sure, minimise the options an attacker has, defense in depth and all that.
Start at the bottom of the network stack and start securing yourself from
there, then up through the application layer, then once you're inside the
application itself, partition execution contexts so that the stuff you don't
trust (i.e. the CMS) when hacked doesn't have the opportunity to damage your
system, then they'll pop up like sore thumbs when it does happen, and make
for easier analysis of attack vector.
-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
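As an added illustration of the "run the potentially vulnerable code in a security domain with minimum rights" advice above (an example config written for this page, not something from the thread or from any SLUG poster), here is a PHP-FPM pool that confines one CMS to its own user, directory tree and logs. The pool name `cms`, the `www-data` web server user, the socket path and all directory paths are assumptions.

```ini
; PHP-FPM pool confining a CMS to its own execution context.
; Names, paths and the socket location are assumed for this example.
[cms]
; Dedicated, unprivileged account: a compromise of this CMS runs as "cms",
; not as the web server user shared by every other site on the box.
user = cms
group = cms

; Apache talks to this pool over a Unix socket owned by the web server
; user; the pool itself never listens on the network.
listen = /run/php-fpm/cms.sock
listen.owner = www-data
listen.group = www-data
listen.mode = 0660

pm = dynamic
pm.max_children = 8
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3

; Don't inherit the master process environment (PATH, secrets, etc.).
clear_env = yes
env[PATH] = /usr/bin:/bin

; File access is limited to the CMS tree and its own scratch directory,
; so a dropped script cannot read /etc or other sites' code.
php_admin_value[open_basedir] = /srv/www/cms:/var/tmp/cms
php_admin_value[upload_tmp_dir] = /var/tmp/cms
php_admin_value[sys_temp_dir] = /var/tmp/cms

; The thread's worry is a hole being used to fetch files with wget/curl/perl:
; rather than uninstalling tools, deny PHP the ability to spawn any of them,
; and turn off PHP's own URL-fetching wrappers as well.
php_admin_value[disable_functions] = exec,passthru,shell_exec,system,proc_open,popen,pcntl_exec
php_admin_flag[allow_url_fopen] = off
php_admin_flag[allow_url_include] = off

; Separate logs per pool: failed calls to disabled functions or attempts to
; step outside open_basedir stand out instead of blending into a shared log.
php_admin_flag[log_errors] = on
php_admin_value[error_log] = /var/log/php-fpm/cms-error.log
access.log = /var/log/php-fpm/cms-access.log
catch_workers_output = yes
```

Apache would reach this pool through mod_proxy_fcgi (or another FastCGI front end); that wiring is outside the fragment.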
