Mailinglist Archive: opensuse (3566 mails)
| < Previous | Next > |
Re: [opensuse] Apache access log errors - attack?
- From: Pueblo Native <pueblonative@xxxxxxxxxxx>
- Date: Wed, 25 Apr 2007 19:35:24 -0600
- Message-id: <463001DC.8010901@xxxxxxxxxxx>
Cristian Rodriguez R. wrote:
> James D. Parra escribió:
>
>
>> It doesn't appear that the system was compromised.
>>
>
> It might not apeear..that0's the problem :P
>
> How can I protect the
>
>> system from such an attack?
>>
>
>
> security is a complex topic, there is no magic pill.
>
> You can be protected in several ways.
>
> 1. first and more importantly ,keep the Web applications you use up to date.
> 2. remember to remove code that you dont currenlty use.
>
> 3. install php5-suhosin available from the server:php repo. this
> extension will efectivalle stop several attacks against poorly written
> PHP apps.
>
> 4. do not allow apache access to outside your network.
>
> 5. Upgrade you distribution or install newer PHP versions.
>
>
>
6. Unplug the machine from all networks, put it in a safe, and seal all
the entrances. ;-)
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
> James D. Parra escribió:
>
>
>> It doesn't appear that the system was compromised.
>>
>
> It might not apeear..that0's the problem :P
>
> How can I protect the
>
>> system from such an attack?
>>
>
>
> security is a complex topic, there is no magic pill.
>
> You can be protected in several ways.
>
> 1. first and more importantly ,keep the Web applications you use up to date.
> 2. remember to remove code that you dont currenlty use.
>
> 3. install php5-suhosin available from the server:php repo. this
> extension will efectivalle stop several attacks against poorly written
> PHP apps.
>
> 4. do not allow apache access to outside your network.
>
> 5. Upgrade you distribution or install newer PHP versions.
>
>
>
6. Unplug the machine from all networks, put it in a safe, and seal all
the entrances. ;-)
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
| < Previous | Next > |