Re: Found, a new rootkit

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: <gene.heskett@xxxxxxxxxxx>
Subject: Re: Found, a new rootkit
From: "Edward Krack" <ekrack@xxxxxxxxxxx>
Date: Mon, 3 Apr 2006 20:43:13 -0500
Cc: Users of Fedora Core <fedora-list@xxxxxxxxxx>
References: <200603311302.41518.gene.heskett@xxxxxxxxxxx>
Reply-to: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>

Gene Heskett:

> In doing some checking of a web server, we found an irc port open on
> 31377, one of the black hatters favorites.  A port that portsentry was
> supposed to be rejecting but wasn't.

Why would your web server be write-able?

Configure Secure Defaults:

<Directory />
        Order Deny,Allow
        Deny from all
</Directory>
<Directory /path/to/html/docs>
        Order Allow,Deny
        Allow from all
</Directory>

Just my 2 cents.

Krack

Prev by Date: Re: Theming grub/gdm/gnome
Next by Date: Samba
Previous by thread: Re: Found, a new rootkit
Next by thread: Re: Found, a new rootkit
Index(es):
- Date
- Thread

[Index of Archives] [Current Fedora Users] [Fedora Desktop] [Fedora SELinux] [Yosemite News] [Yosemite Photos] [KDE Users] [Fedora Tools] [Fedora Docs]