Over about ten years of running web servers, small and large, I have had
one problem so far (rootkit). That was because I did not secure services
and left a port open.
On web servers, kill all services you don't need, secure what you do
need (please, get ssh off of port 22 and require certificates
On Mon, 2008-10-06 at 20:53 +0200, Gerfried Fuchs wrote:
> * Joe <[EMAIL PROTECTED]> [2008-10-06 19:20:27 CEST]:
> > How can there be any way? If you allow users to upload executable
> > scripts, you might as well give them ssh access and be done with it. You
> > must enforce file create permissi
On Mon Oct 06, 2008 at 20:40:36 +0200, Gerfried Fuchs wrote:
> From reading the changelog these issues have all three been addressed
> in the 1.4.19-5 upload which was done a week ago already. Was this
> missed, or are the patches therein considered incomplete?
This was missed.
Steve
--
Mana
* Joe <[EMAIL PROTECTED]> [2008-10-06 19:20:27 CEST]:
> How can there be any way? If you allow users to upload executable
> scripts, you might as well give them ssh access and be done with it. You
> must enforce file create permissions on the upload system (ftp or
> whatever) which do not includ
Don't forget about the box, make sure to keep it upgraded regularly as
security updates come out. Also make sure to upgrade it to the latest
distribution of Debian as those come out because older distributions only
have limited security support, and are eventually dropped altogether from
secur
* Steve Kemp <[EMAIL PROTECTED]> [2008-10-06 19:29:51 CEST]:
> CVE-2008-4298
> A memory leak in the http_request_parse function could be used by
> remote attackers to cause lighttpd to consume memory, and cause a
> denial of service attack.
>
> CVE-2008-4359
> Inconsistent handling
Rico Secada wrote:
Hi.
I have a webserver running with a couple of users as virtual hosts in
Apache.
I read this article from IBM
http://www.ibm.com/developerworks/opensource/library/os-php-secure-apps/index.html
(look for "Guard your filesystem") and tested the PHP script on an Etch
installa
Hi,
Laura Arjona Reina wrote:
> Hello
> I have a debian etch webserver, it only has installed
> ssh+apache+php+mysql.
> It has no GUI.
> Nobody sits or connects there to work, only administrators for backing
> up and update the system.
> I tried to secure it installing and configuring bastille.
>
2008/10/6, Laura Arjona Reina <[EMAIL PROTECTED]>:
> Hello
Hello Laura,
> My question is if it is needed to install an antivirus for keeping the
> webserver safe. And if it is needed, which antivirus could I use?
> I thought about clamav but I read about problems keeping up-to-date the
> software
On, Oct 06, 2008 at 10:10:33AM +0200, Laura Arjona Reina wrote:
> My question is if it is needed to install an antivirus for keeping the
> webserver safe. And if it is needed, which antivirus could I use?
> I thought about clamav but I read about problems keeping up-to-date
> the
> software shippe
Laura Arjona Reina wrote:
My question is if it is needed to install an antivirus for keeping the
webserver safe. And if it is needed, which antivirus could I use?
I thought about clamav but I read about problems keeping up-to-date
the software shipped with etch-stable.
I wouldn't think so. Gen
Hello
I have a debian etch webserver, it only has installed ssh+apache+php+mysql.
It has no GUI.
Nobody sits or connects there to work, only administrators for backing
up and update the system.
I tried to secure it installing and configuring bastille.
Now the only open ports are 22 for ssh and 8