Thread: Apache Exploit

  1. #1
    Did you SEQ today? BlueAdept
    Join Date
    Dec 2001
    Posts
    2,008

    Apache Exploit

    FYI, if anyone is running the Apache web server, there is a REMOTE ROOT exploit. It has been known for about a week or 2, but I'm finally starting to see people trying it on my server.

    I strongly suggest that everyone gets the updates from apache or from the distro site of your Linux.
    Filters for ShowEQ can now be found here. filters-5xx-06-20-05.tar.gz

    ShowEQ file section is here. https://sourceforge.net/project/show...roup_id=10131#

    Famous Quotes:

    Ratt: WTF you talkin' about BA? (Ok.. that sounds like a bad combo of Diffrent Strokes and A-Team)

    Razzle: I showeq my wife

  2. #2
    Registered User
    Join Date
    May 2002
    Posts
    7

    Damn, That explains it

    I was dorking around with our app server software that hooks into Apache as well as leaving my box outside the firewall for FTP access. The next day I tried to log in, root had a new password.

    Bah, can't you evil hackers leave newbs alone?

    Actually, thanks to SEQ opening the door, I have learned a lot about linux, samba, apache, wu-ftp, rpm, ssh, etc.

    Thanks so much for working on a great product, for free, and for very little thanks.

    Me.

  3. #3
    Registered User
    Join Date
    Jan 2002
    Posts
    1,508
    You sure they didn't exploit wu-ftp? That daemon is nothing but one big security hole (as are most other FTP daemons). Use SSH and SFTP for file transfers. Much safer as it encrypts the information (username, password and data).

  4. #4
    Registered User
    Join Date
    May 2002
    Posts
    7

    Am I sure, no...

    But I wasn't set up for Anonymous FTP, so I "thought" I was ok...

    Live and learn, live and learn.

    My co-worker didn't know how to use ssh, and I didn't feel like teaching her over the phone. I won't make that mistake again...

    Maybe I'll stick it out there again, just so I have an excuse to wipe the system again, and this time use Gentoo. Maybe I just like pain.

  5. #5
    Registered User
    Join Date
    Jan 2002
    Posts
    1,508
    Using SSH is no harder than FTP or telnet, it just encrypts the stuff. Otherwise behaves the same for me.

  6. #6
    Did you SEQ today? BlueAdept
    Join Date
    Dec 2001
    Posts
    2,008

    Re: Am I sure, no...

    Originally posted by lil_zaphod
    But I wasn't set up for Anonymous FTP, so I "thought" I was ok...

    Live and learn, live and learn.

    My co-worker didn't know how to use ssh, and I didn't feel like teaching her over the phone. I won't make that mistake again...

    Maybe I'll stick it out there again, just so I have an excuse to wipe the system again, and this time use Gentoo. Maybe I just like pain.
    You should set up a firewall. Gshield is a fairly good and easy to set up firewall (do an Inet search for it). After you have a reliable firewall, only let in the IP addresses that you trust (i.e. work or friends). If they have dynamic IPs, then have them start keeping track of their IP addresses and add their ranges into the firewall. I would not open my firewall to AOL though. You're asking for trouble.

    You should also view your logs on a daily basis. They are in /var/log. The ones you should be most interested in are the messages file, secure file, access_log file (in /var/log/httpd), and error_log (also in /var/log/httpd).

    Do your updates (type up2date (in /usr/sbin) on a command prompt). It will update your system and fix any known problems. I usually do it every 2 weeks.

    If you really get adventurous, get and set up snort and guardian. It will help secure your system even more.

    Hope that helps.

  7. #7
    Registered User
    Join Date
    May 2002
    Posts
    7

    I have a firewall

    I have a hardware-based firewall that does a good job of keeping cretins out of my systems.

    The problem was when I threw the Linux box outside the DMZ.

    My thought process was this.... "hurm.. take time to mess with the settings... nah, I'll just make a switch in the web gui and throw the box in the DMZ in 20 secs. done. Back to real work..."

    I think my next response to a co-worker's request like that is "download a copy of kazaa lite and find it yourself". Save me from the trouble..

    Thanks for taking the time to point out ways to improve my systems though.

    Chad
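
The daily log review and trusted-address advice from post #6, as an added example that is not part of any post in this thread: it counts error responses in `access_log` from clients outside a trusted prefix list and failed SSH logins in `secure`. The function names, the trusted prefix `192.0.2.` and all sample log lines are constructed, and the log formats are assumed to be Apache Common Log Format and OpenSSH's "Failed password" message.

```shell
# Added example: daily review of the logs named in post #6.
# Every address and log line below is constructed sample data.

# Count 4xx/5xx responses per client outside the trusted prefixes.
# $1 = access_log path, $2 = space-separated prefixes; keep the trailing dot
# so "192.0.2." does not also match 192.0.20.x.
untrusted_errors() {
    awk -F'"' -v trusted="$2" '
        BEGIN { n = split(trusted, pfx, " ") }
        {
            split($1, head, " "); ip = head[1]
            for (i = 1; i <= n; i++) if (index(ip, pfx[i]) == 1) next
            # The status follows the quoted request, whatever the request holds.
            split($3, tail, " ")
            if (tail[1] ~ /^[45][0-9][0-9]$/) hits[ip]++
        }
        END { for (ip in hits) print hits[ip], ip }' "$1" | sort -k1,1nr -k2,2
}

# Count failed SSH password attempts per source address. $1 = secure log path
failed_logins() {
    awk '/sshd.*Failed password/ {
            ip = ""
            for (i = 1; i < NF; i++) if ($i == "from") ip = $(i + 1)
            if (ip != "") src[ip]++
        }
        END { for (ip in src) print src[ip], ip }' "$1" | sort -k1,1nr -k2,2
}

write_samples() {   # $1 = directory that receives the constructed logs
    cat > "$1/access_log" <<'EOF'
192.0.2.10 - - [01/Jan/2000:10:00:01 +0000] "GET /index.html HTTP/1.0" 200 1043
203.0.113.7 - - [01/Jan/2000:10:02:13 +0000] "POST /x HTTP/1.1" 400 302
203.0.113.7 - - [01/Jan/2000:10:02:14 +0000] "POST /x HTTP/1.1" 400 302
198.51.100.4 - - [01/Jan/2000:10:05:40 +0000] "GET /missing HTTP/1.0" 404 210
192.0.2.10 - - [01/Jan/2000:10:06:00 +0000] "GET /old HTTP/1.0" 404 210
EOF
    cat > "$1/secure" <<'EOF'
Jan  1 10:07:11 box sshd[812]: Failed password for root from 203.0.113.7 port 4021 ssh2
Jan  1 10:07:15 box sshd[812]: Failed password for root from 203.0.113.7 port 4021 ssh2
Jan  1 10:09:02 box sshd[830]: Accepted password for alice from 192.0.2.10 port 3377 ssh2
EOF
}

dir=$(mktemp -d)
write_samples "$dir"
untrusted_errors "$dir/access_log" "192.0.2."   # count, then client address
failed_logins "$dir/secure"                     # count, then source address
rm -rf "$dir"
```

On a real system the two functions would be pointed at `/var/log/httpd/access_log` and `/var/log/secure`, with the prefixes replaced by the ranges the firewall actually allows.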
