Voytek Eymont wrote: > > On Thu, December 28, 2006 10:37 am, Penedo wrote: > > On 28/12/06, Voytek Eymont <[EMAIL PROTECTED]> wrote: > > > I suspect you are looking at this in the wrong way - try to contain the > > CMS > > systems (e.g. maybe run them under a limited user and chroot or some other > > segregated environment) instead of trying to identify and hide all > > potential tools used by holes in the CMS. > > perhaps, but, it certainly would have prevented two infiltration I had in > the last few month
I *REALLY* honestly don't think so. Once somebody is in they will use a Perl script. If Perl isn't installed they will do something else, like uploading a precomiled binary. The idea is to prevent people getting in to begin with. Once they are in its way too late. Erik -- +-----------------------------------------------------------+ Erik de Castro Lopo +-----------------------------------------------------------+ "Web (hosting), security and high-performance computing are the three areas where Linux has more strength." -- Bob Muglia, senior VP in charge of Windows Server development. http://news.com.com/Microsoft+targets+Apache+Web+server/2100-1010_3-5735805.html -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
