Re: Apache FreeBSD exploit released
From: Brett Glass (brett@lariat.org)
Date: 06/23/02
- Next message: Darren Pilgrim: "Re: Possible security liability: Filling disks with junk or spam"
- Previous message: Anders Nordby: "Re: Apache FreeBSD exploit released"
- In reply to: jps@funeralexchange.com: "Re: Apache FreeBSD exploit released"
- Next in thread: Krzysztof Zaraska: "Re: Apache FreeBSD exploit released"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 22 Jun 2002 16:57:36 -0600 To: <jps@funeralexchange.com>, <kzaraska@student.uci.agh.edu.pl> From: Brett Glass <brett@lariat.org>
At 04:48 PM 6/22/2002, jps@funeralexchange.com wrote:
>Anyone know of any ports or tools i could use on my servers to watch out
>for something like this?
You can probably use some of the ideas I presented at the January BSDCon.
Either the Apache SetEnvIf regexes or the SNOBOL log monitor will work
for this one. See http://www.brettglass.com/logmonitors/paper.html for more.
--Brett
P.S. -- I'm still working on the replacement logging system mentioned in
that paper. It has an entirely new architecture; the hard part has been
backward compatibility with older Unices and with programs that expect to
communicate with syslogd.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
- Next message: Darren Pilgrim: "Re: Possible security liability: Filling disks with junk or spam"
- Previous message: Anders Nordby: "Re: Apache FreeBSD exploit released"
- In reply to: jps@funeralexchange.com: "Re: Apache FreeBSD exploit released"
- Next in thread: Krzysztof Zaraska: "Re: Apache FreeBSD exploit released"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
