[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: RE : [cobalt-security] Forensics on a hacked server
- Subject: Re: RE : [cobalt-security] Forensics on a hacked server
- From: Jeroen Wunnink <jeroen@xxxxxxxxxxxxxx>
- Date: Thu, 22 May 2003 09:45:24 +0200
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
I seriously like this one, more then once weird scripts (remote shells, IRC
daemons, password hackers) have been executed due to bad programmed PHP
scripts and compiled through a PHP command line exploit, I'm gonne throw
this on all machines
At 07:13 PM 5/21/2003 +0200, you wrote:
Denying the compiler GCC to anyone but root is also a good security
measure as
it limits the damage that an intruder can do if he managed to get into your
box as regular user. Either directly by SSH, or through an exploited service
which runs as unprivileged user (httpd for instance).
Met vriendelijke groet,
Jeroen Wunnink,
systeembeheer@xxxxxxxxxxxxxx
telefoon:+31 (035) 6285455 Postbus 1332
fax: +31 (035) 6838242 1200 BH Hilversum
http://www.easyhosting.nl