|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: RE: [suse-security] Web server security holes ?
From: Oliver Grube (oliver.grube
it-secure.de)Date: Wed Apr 05 2000 - 02:59:08 CDT
- Next message: Francisco M. Marzoa Alonso: "Re: [suse-security] Web server security holes ?"
- Previous message: Marc Baaden: "[suse-security] Web server security holes ?"
- In reply to: Marc Baaden: "[suse-security] Web server security holes ?"
- Next in thread: Francisco M. Marzoa Alonso: "Re: [suse-security] Web server security holes ?"
- Next in thread: Francisco M. Marzoa Alonso: "Re: [suse-security] Web server security holes ?"
- Reply: Oliver Grube: "RE: [suse-security] Web server security holes ?"
- Reply: Francisco M. Marzoa Alonso: "Re: [suse-security] Web server security holes ?"
- Reply: Markus Schaber: "RE: [suse-security] Web server security holes ?"
- Reply: Oliver Grube: "RE: [suse-security] Web server security holes ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hello Marc,
>- What does it mean ?
your Web-Server Logfile seems like a try to test
different known exploits by using
CGI-Scripts on the victim's server.
>- Is it dangerous for the machine ?
Normally this is a nice try and there are no risks
until you have installed one of there Scripts...
>- Can I further secure my machine ?
It also looks like that there was no way into your
system by using this possible exploit in this way.
You can secure it by denying any CGI / PHP Scripts (See
/etc/httpd/httpd.conf).
>PS: I do NOT need the machine beeing accessible by
external machines in HTTP
If you don't need your HTTP... just switch it off by
editing /etc/rc.config "start_httpd=no"
or stop it by typeing /sbin/init.d/apache stop
Greetinx,
Oliver Grube
---------------------------------------------
--IT-Secure - Mit Sicherheit gute Lösungen.--
---------------------------------------------
Security Support * oliver.grubeit-secure.de
+49 2161 6897-180 * http://www.it-secure.de
---------------------------------------------------------------------
To unsubscribe, e-mail: suse-security-unsubscribesuse.com
For additional commands, e-mail: suse-security-helpsuse.com
- Next message: Francisco M. Marzoa Alonso: "Re: [suse-security] Web server security holes ?"
- Previous message: Marc Baaden: "[suse-security] Web server security holes ?"
- In reply to: Marc Baaden: "[suse-security] Web server security holes ?"
- Next in thread: Francisco M. Marzoa Alonso: "Re: [suse-security] Web server security holes ?"
- Next in thread: Francisco M. Marzoa Alonso: "Re: [suse-security] Web server security holes ?"
- Reply: Oliver Grube: "RE: [suse-security] Web server security holes ?"
- Reply: Francisco M. Marzoa Alonso: "Re: [suse-security] Web server security holes ?"
- Reply: Markus Schaber: "RE: [suse-security] Web server security holes ?"
- Reply: Oliver Grube: "RE: [suse-security] Web server security holes ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]