Re: Server hacked - next...?

2003-06-29 Thread Alex Borges
On Sun, 29 Jun 2003 at 02:15, Jason Lim wrote: > Okay... so supposing the whole system needs to be installed, we can make a > backup of the home directory now... but after we restore everything, what > is to stop the hacker immediately re-gaining access again? > > The server is a fully

Re: Server hacked - next...?

2003-06-29 Thread Leonardo Boselli
On 29 Jun 2003 at 21:47, Jason Lim wrote: > Re-installing from scratch would be a real pain... the server runs on > a 3ware array, and has hundreds of users, all active :-/ > Is there any way to verify the Integrity of the files somehow, and > download/re-install any binaries that do not

Re: Server hacked - next...?

2003-06-29 Thread Theodore Knab
>Is there a document somewhere, or procedure, to recover after this? This >is a working and running system, so somehow need to be able to recover >from this with minimal impact to end-users. Just backup the datafiles, the password files and rebuild. At least that is how I would do it. >One of our

Re: Server hacked - next...?

2003-06-29 Thread bda
On Sun, Jun 29, 2003 at 09:47:13PM +0800, Jason Lim wrote: > The user CGIs run as the user's UID... suexec. suexec doesn't run PHP suid the owner, unless you're using php-cgi. By default, PHP is incredibly insecure. If a user is using an insecure PHP application (or any other insecure CGI applicat

Re: Server hacked - next...?

2003-06-29 Thread Thomas Lamy
Jason Lim: > Hi Russell, > > Well, SE Linux certainly seems like something that needs to > be installed. > Most annoying is that all the recent security updates were > already done! > > The user CGIs run as the user's UID... suexec. Consider chrooting apache, and keep available binaries to a min

Re: Server hacked - next...?

2003-06-29 Thread Russell Coker
On Sun, 29 Jun 2003 23:47, Jason Lim wrote: > Re-installing from scratch would be a real pain... the server runs on a > 3ware array, and has hundreds of users, all active :-/ > > Is there any way to verify the Integrity of the files somehow, and > download/re-install any binaries that do not match

Re: Server hacked - next...?

2003-06-29 Thread Achim Schmidt
Hi Jason, a good program to check for rootkits can be found here: http://www.chkrootkit.org/ - Achim On Sun, 2003-06-29 at 15.47, Jason Lim wrote: > Hi Russell, > > Well, SE Linux certainly seems like something that needs to be installed. > Most annoying is that all the recent security updat

Re: Server hacked - next...?

2003-06-29 Thread Frode Haugsgjerd
On Sun, Jun 29, 2003 at 03:15:05PM +0800, Jason Lim wrote: > Okay... so supposing the whole system needs to be installed, we can make a > backup of the home directory now... but after we restore everything, what > is to stop the hacker immediately re-gaining access again? > > The server is a fully

Re: Server hacked - next...?

2003-06-29 Thread Daniel K. Gebhart
On Sun, Jun 29, 2003 at 03:15:05PM +0800, Jason Lim <[EMAIL PROTECTED]> wrote: > I'm thinking that even if we do all the trouble of a complete > re-installation of the entire system, it won't fix this as it will get > re-hacked again, especially since we can't see what is going on anymore. > What d

Re: Server hacked - next...?

2003-06-29 Thread Donovan Baarda
On Sun, 2003-06-29 at 17:15, Jason Lim wrote: > Okay... so supposing the whole system needs to be installed, we can make a > backup of the home directory now... but after we restore everything, what > is to stop the hacker immediately re-gaining access again? > > The server is a fully updated "sta

Re: Server hacked - next...?

2003-06-29 Thread Russell Coker
On Sun, 29 Jun 2003 15:00, Jason Lim wrote: > One of our servers was hacked (woody)... badly, from what I can see. A From the ps output it appears that the hack originated from the web server or a CGI-BIN script it ran. As they ran modprobe I guess they got root. :( The recommended method is t

Bill Gates' ludicrous ideas to "block spam"

2003-06-29 Thread Gene Grimm
Has anyone heard any details about Gates' new ideas on how to "block" spam? The Money section of Thursday's USA Today had an article about two ridiculous ideas Gates came up with to fight spam. These ideas, IMHO, show he has no clue how the Internet mail system really works. First, he wants to

OT: linux and threads

2003-06-29 Thread J.J. van Gorkum
Hi, Can someone explain to me the threading thing... I want to see how many threads there are running of any running process. The man page of the 'ps' command suggests to use the -m flag but that isn't working... or am I missing the point completely. -- JJ

Re: SSL wrapping of Outlook ?

2003-06-29 Thread Markus Kolb
W.D. McKinney wrote: Question: We run sslwrap for POP3 wrapping and I see Outlook for XP when selecting Advanced Options and using SSL enabled for both SMTP and POP connections, that with Ethereal the clear text password is still there in view ? Is this an SSL issue or an Outlook bug ? Pr

Re: Server hacked - next...?

2003-06-29 Thread Jason Lim
Hi Russell, Well, SE Linux certainly seems like something that needs to be installed. Most annoying is that all the recent security updates were already done! The user CGIs run as the user's UID... suexec. Re-installing from scratch would be a real pain... the server runs on a 3ware array, and

Re: Server hacked - next...?

2003-06-29 Thread Jason Lim
Okay... so supposing the whole system needs to be installed, we can make a backup of the home directory now... but after we restore everything, what is to stop the hacker immediately re-gaining access again? The server is a fully updated "stable" debian system. In fact, it was updated just yesterd

Re: Server hacked - next...?

2003-06-29 Thread Jason Lim
Top-posting... but please forgive. The box is a very recently updated "stable" box... virtually every other day apt-get is update/upgrade. The box is set up very secure... the usual things were done... like ensuring no unused services are running and things like that. So does that mean "stable"
