[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] Frontpage extentions???

Subject: Re: [cobalt-security] Frontpage extentions???
From: Bruce Timberlake <bruce@xxxxxxxxxx>
Date: Fri, 10 Jan 2003 05:56:17 -0800
Organization: BRTNet.org
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> Can someone knowledgeable point me in the right direction? Had a
> site that uses Frontpage. So, what does this all mean? Do I need to
> worry?

What's creating these messages - something like Tripwire?

Looks to me like these files all have create times of sometime 
yesterday, so they're showing up as 'new' to the scanner...

They don't look unusual to me at all: fpexec is part of FrontPage.  I 
know suEXEC goes with Apache and deals with CGI stuff.  The 
/usr/local/frontpage/ .cnf file is the frontpage config file for that 
domain.

/root/.bash_history is a list of all the shell commands 'root' has 
typed.  and .viminfo is a config file for the 'vim' editor.

You could take a look at those last two - they're just text files.

But I think you're probably ok...

- -- 
Bruce Timberlake

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQE+HtEBvLA2hUZ9kgwRAqsCAJ0S7PYLhpnFFeXxlzyHwPR/XQuwIQCfenQn
fC4q+xocyMTrObnR7cPVUng=
=DNMu
-----END PGP SIGNATURE-----

Follow-Ups:
- Re: [cobalt-security] Frontpage extentions???
  - From: Alan Ng

References:
- [cobalt-security] Frontpage extentions???
  - From: Alan Ng

Prev by Date: [cobalt-security] Frontpage extentions???
Next by Date: Re: [cobalt-security] Frontpage extentions???
Previous by thread: [cobalt-security] Frontpage extentions???
Next by thread: Re: [cobalt-security] Frontpage extentions???

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index