Re: [xmlrpc worm] Does it scan the servers before it probes the xmlrpc files?
- From: Hans <replyelsewhere@xxxxxxxxxxxxxxxxxxxxx>
- Date: 22 Jan 2006 12:28:36 GMT
On 22 Jan 2006 10:15:00 GMT, Chris Kronberg <smil@xxxxxxxxx> wrote:
> On 2006-01-21, Hans <replyelsewhere@xxxxxxxxxxxxxxxxxxxxx> wrote:
>> At my webserver I disabled sending php headers by setting expose_php to Off in
>> the php.ini. We talked about it and it seems that killing the headers in the
>> httpd.conf by setting the serversignature to off does not kill the
>> X-Powered-By: PHP/version header.
>>
>> Since I set the expose_php setting in the php.ini to Off I do not have any
>> xmlrpc probes anymore.
>>
>> Could someone confirm or deny this?
>
> I don't have any php on some of my webservers yet the probes
> come by regulary. There is no difference between those having
> and showing a php header and those having not.
> Maybe there was just a little break?
Maybe... I'll wait and see.
Hans
--
<iemand>
iemand heeft een gat gevonden in pdp's access.db? bel cnn
http://blacklist.kernelnewbies.nl
.
- References:
- Prev by Date: Re: [xmlrpc worm] Does it scan the servers before it probes the xmlrpc files?
- Next by Date: Re: Has anyone run these firewall leak tests?
- Previous by thread: Re: [xmlrpc worm] Does it scan the servers before it probes the xmlrpc files?
- Next by thread: Re: I zap Google cookies but it tracks me by IP - what else?
- Index(es):
