Re: Systems compromised with ShellBOT perl script - part 2

From: Paul Schmehl (pauls_at_utdallas.edu)
Date: 10/21/04

  • Next message: BillyBob: "Help, possible rootkit" 
    Date: Thu, 21 Oct 2004 16:21:25 -0500
To: incidents@securityfocus.com

    Consider installing mod_security as well. It can provide you with some
    protection from "standard" Apache, cgi and php exploits. Staying patched,
    however, should be job number one, as you've unfortunately learned.

    Paul Schmehl (pauls@utdallas.edu)
    Adjunct Information Security Officer
    The University of Texas at Dallas
    AVIEN Founding Member
    http://www.utdallas.edu

  • Next message: BillyBob: "Help, possible rootkit"

    Relevant Pages

    • apache php cgi install problem
      ... php is installed in c:/php ... descriptor: don't know how to spawn child process: ... in the Apache error log. ... I have no experience in CGI - I only know it stands for Common Gateway ...
      (comp.lang.php)
    • Re: apache php cgi install problem
      ... php is installed in c:/php ... descriptor: don't know how to spawn child process: ... in the Apache error log. ... I have no experience in CGI - I only know it stands for Common Gateway ...
      (comp.lang.php)
    • Re: PHP is looking for php.ini file in c:windows
      ... I'm not using the CGI ... SetEnv in httpd.conf won't have any effect on PHP as an Apache module, ... SetEnv in httpd.conf only affects subprocesses spawned by Apache - i.e. CGI. ...
      (comp.lang.php)
    • Re: HTML proxying in ASP.NET?
      ... web proxies out there for Apache, and written in PHP, or CGI. ... not found an example of a simple web proxy for IIS written in ASP.NET. ...
      (microsoft.public.dotnet.framework.aspnet)
    • Re: Database Security Issues
      ... > Could you elaborate on how you'd do this on an ISP's web server ... With apache it seem that suexec is the way to go (and thus introducing ... new problems like running php as cgi, but the enhanced per user security ...
      (comp.lang.php)