On 28 Sep 2006, Jamie Wilkinson <[EMAIL PROTECTED]> wrote:
> This one time, at band camp, Voytek Eymont wrote:
> >
> >On Wed, September 27, 2006 9:15 pm, Erik de Castro Lopo wrote:
> >
> >>> apart from wget and curl, what else can be used to download illicit
> >>> files to a web server ?
> >>
> >> Python, Perl, Ruby, C, Haskell, Ocaml. In fact any programming language.
> >> Also programs like lynx.
> >
> >Eric,
> >
> >I guess I meant 'single-purpose utilities that can be easily exploited like
> >so' :
> >
> >'some_app file_url'
> >
> >through a web server vulnerability to easily deposit exploits
> >
> >I'm guessing that if I do NOT have wget/curl/lynx/links available, next
> >time a CMS has such an exploitable hole, I'll reduce my exposure, no ??

Voytek,

Perhaps it's just me but I don't understand *where* and *by whom* you
are trying to prevent them being executed.

You can't (obviously) control what is run by random people on the
internet who are attacking your machine.  You can try to filter by the
User-Agent string to block requests from those programs, but that is
trivial to spoof, and regularly spoofed by attack tools.  See e.g.
http://www.metasploit.com/

If an attacker has control of your machine you have more serious
problems than whether they can run wget or not.

Similarly if your users are running vulnerable software you should just
fix that rather than worrying about wget...

> perl -MLWP -e 'GET url'
> 
> or somesuch :)  You want to remove perl too?

And in php something like open('http://ubuntu.com/') may work too, 
depending on the configuration.

-- 
Martin
-- 
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
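Added example (not from the thread): a small triage over constructed access-log lines that puts Martin's point into practice. A User-Agent denylist both misses the request whose tool sends a browser string and flags a harmless curl fetch, while looking at the vulnerable request itself (assumed here to be a CMS parameter that accepts a remote URL, as in Voytek's 'some_app file_url' case) catches the real ones regardless of User-Agent. Log lines and addresses are constructed; LOG_RE, triage() and the other names are this example's own.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed Apache combined-format lines; none of this is real traffic.
LOG_LINES = [
    '10.0.0.1 - - [28/Sep/2006:10:00:01 +1000] "GET /index.php?page=about HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '10.0.0.2 - - [28/Sep/2006:10:00:02 +1000] "GET /index.php?page=http://198.51.100.7/x.txt HTTP/1.1" 200 40 "-" "Wget/1.10.2"',
    '10.0.0.3 - - [28/Sep/2006:10:00:03 +1000] "GET /index.php?page=http://198.51.100.7/x.txt HTTP/1.1" 200 40 "-" "Mozilla/5.0 (X11; Linux)"',
    '10.0.0.4 - - [28/Sep/2006:10:00:04 +1000] "GET /robots.txt HTTP/1.1" 200 30 "-" "curl/7.15.5"',
]

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<target>\S+) [^"]*" '
    r'\d+ \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)
# The kind of denylist a User-Agent filter would use (the weak control).
DOWNLOADER_UA = re.compile(r'\b(wget|curl|lynx|links|libwww-perl)\b', re.IGNORECASE)
# Any absolute URL (scheme://) handed to a query parameter.
REMOTE_URL = re.compile(r'^[a-z][a-z0-9+.-]*://', re.IGNORECASE)


def parse(line):
    """Return the fields we need from one combined-format line, or None."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def flagged_by_user_agent(rec):
    """True when the User-Agent names a well-known command-line downloader."""
    return DOWNLOADER_UA.search(rec['ua']) is not None


def carries_remote_url(rec):
    """True when some query parameter of the request is itself a remote URL."""
    query = urlsplit(rec['target']).query
    return any(REMOTE_URL.match(v) for _, v in parse_qsl(query, keep_blank_values=True))


def triage(lines):
    """Group client IPs by which signal fired, so the two can be compared."""
    out = {'ua_only': [], 'remote_url': []}
    for line in lines:
        rec = parse(line)
        if rec is None:
            continue  # malformed line; a real tool would count these
        if flagged_by_user_agent(rec):
            out['ua_only'].append(rec['ip'])
        if carries_remote_url(rec):
            out['remote_url'].append(rec['ip'])
    return out
```

On the sample above the User-Agent list catches 10.0.0.2 and the benign robots.txt fetch from 10.0.0.4, but not 10.0.0.3, which sent the same remote URL with a browser string; the parameter check catches 10.0.0.2 and 10.0.0.3 only.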