Re: Hacked server

2007-04-08 Thread Oron Peled
On Sunday, 8 April 2007 13:59, Shachar Shemesh wrote:
> Oron Peled wrote:
> > Fedora is a fast paced distro like Debian testing
> I'm assuming you meant "Debian Unstable"
No, unless I misunderstood the Debian process. In Fedora untested packages first go to the Rawhide repositories (which I t

Re: Hacked server

2007-04-08 Thread Oren Held
I disagree, Debian Unstable (Sid) is an ever-updating, bleeding-edge distro: *tends to bring the latest version of each software*, while Fedora doesn't. For example, FC6 has Firefox 1.5, and 2.0 will never be there, only in FC7. Debian Testing is the next Debian Stable, like FC is the next RH

Re: Hacked server

2007-04-08 Thread Shachar Shemesh
Oron Peled wrote:
> Fedora is a fast paced distro like Debian testing
I'm assuming you meant "Debian Unstable"
Shachar
--
Shachar Shemesh
Lingnu Open Source Consulting ltd.
Have you backed up today's work? http://www.lingnu.com/backup.html

Re: Hacked server

2007-04-08 Thread Oron Peled
On Sunday, 8 April 2007 01:16, Amos Shapira wrote:
> Sticking to supported versions is rule number one in production networks
> (and plan ahead to switch to a later version well before the current one you
> use gets EOL'ed).
Correct. Ori used FC2, while FC4 has already been EOL for many months.
> As far

Re: Hacked server

2007-04-08 Thread Baruch Shpirer
1. run it behind a decent firewall (even pf, iptables logs should give you some idea about who's accessing your computer and using which service)
2. don't run anything with root
3. run chrooted envs if possible
4. reinstall using a more updated system and don't install anything you don't

Re: Hacked server

2007-04-08 Thread Maxim Veksler
On 4/8/07, Hetz Ben Hamo <[EMAIL PROTECTED]> wrote: You could do a few things: 2. Have some logs emailed to you from the server on a daily basis (crontab). By default, Redhat/CentOS/Fedora does this automatically, but you can enhance it to send pack few log files and email them to you as .tar.bz2

Re: Hacked server

2007-04-08 Thread Ilya Konstantinov
On 4/8/07, Orr Dunkelman <[EMAIL PROTECTED]> wrote: You will also need to install everything from scratch (and I suggest you init. your bios as well). Flashing your BIOS for no real need (and the attack you're talking about is purely theoretical) is calling for trouble. While it's fun to play

Re: Hacked server

2007-04-07 Thread Boaz Rymland
Adding to what's been said so far (and if repeating please consider it as "double emphasis" :-) I'd recommend: 1. Do not run anything not needed on the server. Make sure to look not only in system services level but in the service level itself. E.g: run on the web server only what you need on

Re: Hacked server

2007-04-07 Thread Orr Dunkelman
sendmail & bind are also bad for your mental health. Consider normal alternatives, or if you want to make sure no one is hacking your system through them, switch to qmail and djbdns. You will also need to install everything from scratch (and I suggest you init. your bios as well). If you want to

Re: Hacked server

2007-04-07 Thread Ariel Biener
On Sunday, 8 April 2007 00:33, Ori Idan wrote:
> A server I managed was hacked by a Libyan hacker.
> The only thing he did was changing the index.html of some web sites.
>
> The server is based on Fedora Core 2
> running:
> httpd
> sendmail
> bind
> proftp (through xinetd)
> ssh
>
> Any ideas how

Re: Hacked server

2007-04-07 Thread Amos Shapira
On 08/04/07, Josh Zlatin-Amishav <[EMAIL PROTECTED]> wrote:
On Sun, 8 Apr 2007, ik wrote:
> I suggest, that you should scan for full open ports on your web site
> (all the port range), to see if that person has an open "shell" on
> your account.
Good advice, though the (possible) open shell m

Re: Hacked server

2007-04-07 Thread Josh Zlatin-Amishav
On Sun, 8 Apr 2007, ik wrote: I suggest, that you should scan for full open ports on your web site (all the port range), to see if that person has an open "shell" on your account. Good advice, though the (possible) open shell might just be running on port 80/443 (i.e. a php shell) which is al

Re: Hacked server

2007-04-07 Thread Amos Shapira
On 08/04/07, Josh Zlatin-Amishav <[EMAIL PROTECTED]> wrote: On Sun, 8 Apr 2007, Ori Idan wrote: > What should I do to prevent such hacks in the future? There are lots of things you can do, like keep software up to date, remove unneeded services, audit web applications for flaws (though I am ki

Re: Hacked server

2007-04-07 Thread Hetz Ben Hamo
You could do a few things: 1. apt-get dist-upgrade (or yum upgrade), or better - move to a stable distribution like CentOS. That way you'll have security fixes for at least 5 years. DO NOT use Fedora on any server which offer services outside. 2. Have some logs emailed to you from the server on a

Re: Hacked server

2007-04-07 Thread Oren Held
Indeed a remote exploit in the services is possible, and of course each service can have a remote exploit... However, I'd be trying to eliminate the less-uber-cool-hacker possibilities: a. Bad local user (Bad user! spank him..) b. SSH remote login using a weak password which was just guessed ("t

Re: Hacked server

2007-04-07 Thread ik
I suggest, that you should scan for full open ports on your web site (all the port range), to see if that person has an open "shell" on your account. Regardless of that, please look for known vulnerabilities from the versions of every server on the machine, and also if the server runs any dynami

Re: Hacked server

2007-04-07 Thread Josh Zlatin-Amishav
On Sun, 8 Apr 2007, Ori Idan wrote: A server I managed was hacked by a Libyan hacker. The only thing he did was changing the index.html of some web sites. The server is based on Fedora Core 2 running: httpd sendmail bind proftp (through xinetd) ssh Any ideas how he could have done it? The ht

Re: Hacked server

2007-04-07 Thread Lior Kaplan
Ori Idan wrote:
> A server I managed was hacked by a Libyan hacker.
> The only thing he did was changing the index.html of some web sites.
>
> The server is based on Fedora Core 2
Didn't Fedora stop releasing security updates for this version a long time ago?
--
Lior Kaplan [EMAIL PROTECTED

Hacked server

2007-04-07 Thread Ori Idan
A server I managed was hacked by a Libyan hacker. The only thing he did was changing the index.html of some web sites. The server is based on Fedora Core 2 running: httpd sendmail bind proftp (through xinetd) ssh Any ideas how he could have done it? What should I do to prevent such hacks in the