On 26 Sep 2014 at 13:19, Gary Stainburn wrote: From: Gary Stainburn <gary.stainb...@ringways.co.uk> Organization: Ringways Garages Ltd To: Community support for Fedora users <users@lists.fedoraproject.org> Subject: shellshock - detect in Apache? Date sent: Fri, 26 Sep 2014 13:19:29 +0100 Send reply to: Community support for Fedora users <users@lists.fedoraproject.org>
> Is there any way to detect an attack within Apache and block it? > > I'm thinking of a rule or something to check the user-agent or equiv before > calling the CGI or PHP etc. > > I'm looking to protect some old servers where BASH updates won't be > forthcoming > > (I know the answer is to upgrade the servers, but these aren't my servers and > it ain't my call) Another option would be to build the latest version of bash. ftp://ftp.gnu.org/gnu has serveral versions of bash a number of them have patch directories with Sep 24th date. I download the ftp://ftp.gnu.org/gnu/bash/bash-4.3.tar.gz and the patches in ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/ Installed the 25 patches and then build the code. Running the test on that version of bash passes the test. Don't know if there would be any issues with then replacing the older bash on a system with the newly build one, but that didn't take much time to build. > -- > users mailing list > users@lists.fedoraproject.org > To unsubscribe or change subscription options: > https://admin.fedoraproject.org/mailman/listinfo/users > Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct > Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines > Have a question? Ask away: http://ask.fedoraproject.org +----------------------------------------------------------+ Michael D. Setzer II - Computer Science Instructor Guam Community College Computer Center mailto:mi...@kuentos.guam.net mailto:msetze...@gmail.com http://www.guam.net/home/mikes Guam - Where America's Day Begins G4L Disk Imaging Project maintainer http://sourceforge.net/projects/g4l/ +----------------------------------------------------------+ http://setiathome.berkeley.edu (Original) Number of Seti Units Returned: 19,471 Processing time: 32 years, 290 days, 12 hours, 58 minutes (Total Hours: 287,489) BOINC@HOME CREDITS ROSETTA 19981840.971965 | SETI 33950436.647387 ABC 16613838.513356 | EINSTEIN 34233765.925899 -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
