Re: [Full-Disclosure] Re: New Santy-Worm attacks *all* PHP-skripts
From: Raistlin (raistlin_at_gioco.net)
Date: 12/26/04
- Previous message: GuidoZ: "Re: [Full-Disclosure] Suspect phpBB users"
- Maybe in reply to: Paul Laudanski: "[Full-Disclosure] Re: New Santy-Worm attacks *all* PHP-skripts"
- Next in thread: Paul Laudanski: "Re: [Full-Disclosure] Re: New Santy-Worm attacks *all* PHP-skripts"
- Reply: Paul Laudanski: "Re: [Full-Disclosure] Re: New Santy-Worm attacks *all* PHP-skripts"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 26 Dec 2004 12:48:18 +0100 To: Paul Laudanski <zx@castlecops.com>
Paul Laudanski wrote:
> For this particular strain it would certainly help, but that is why there
> exists new variations.
Of course - it's no solution.
> Certainly doing it to /tmp, /usr/tmp, /var/tmp
> could help, but it isn't 100% foolproof, and some don't even consider it
> security.
Just a bit of hardening :)
> Then again, you can always disable the functions in php.ini for exec and
> system for instance to help stave off other similar attacks.
That's implicit in safe_mode, AFAIK !
-- Stefano "Raistlin" Zanero System Administrator Gioco.Net public PGP key block at http://gioco.net/pgpkeys _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
- Previous message: GuidoZ: "Re: [Full-Disclosure] Suspect phpBB users"
- Maybe in reply to: Paul Laudanski: "[Full-Disclosure] Re: New Santy-Worm attacks *all* PHP-skripts"
- Next in thread: Paul Laudanski: "Re: [Full-Disclosure] Re: New Santy-Worm attacks *all* PHP-skripts"
- Reply: Paul Laudanski: "Re: [Full-Disclosure] Re: New Santy-Worm attacks *all* PHP-skripts"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
