[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: RE : [cobalt-security] Forensics on a hacked server

Subject: Re: RE : [cobalt-security] Forensics on a hacked server
From: Jeroen Wunnink <jeroen@xxxxxxxxxxxxxx>
Date: Thu, 22 May 2003 09:45:24 +0200
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

I seriously like this one, more then once weird scripts (remote shells, IRCdaemons, password hackers) have been executed due to bad programmed PHPscripts and compiled through a PHP command line exploit, I'm gonne throwthis on all machines



At 07:13 PM 5/21/2003 +0200, you wrote:

Denying the compiler GCC to anyone but root is also a good securitymeasure as

it limits the damage that an intruder can do if he managed to get into your
box as regular user. Either directly by SSH, or through an exploited service
which runs as unprivileged user (httpd for instance).




Met vriendelijke groet,

Jeroen Wunnink,
systeembeheer@xxxxxxxxxxxxxx

telefoon:+31 (035) 6285455              Postbus 1332
fax: +31 (035) 6838242                  1200 BH Hilversum

http://www.easyhosting.nl

References:
- RE : [cobalt-security] Forensics on a hacked server
  - From: Alain Fontaine
- Re: RE : [cobalt-security] Forensics on a hacked server
  - From: Michael Stauber

Prev by Date: Re: [cobalt-security] Forensics on a hacked server
Next by Date: RE: [cobalt-security] Backup Raq 500
Previous by thread: Re: [cobalt-security] LCAP, was: Forensics on a hacked server
Next by thread: Re: RE : [cobalt-security] Forensics on a hacked server

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index