[thelist] Red Hat / Apache / General Security Reviews?

Anthony Baratta Anthony@Baratta.com
Sat Apr 21 23:08:54 2001

Previous message: [thelist] Red Hat / Apache / General Security Reviews?
Next message: [thelist] Red Hat / Apache / General Security Reviews?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Joe...

The first thing you need to do is find out how they got in. It might not 
even be Apache that let them in. It might have been a canned Perl Script, 
BIND, NFS, Sendmail, or even Cron. Once you figure that out - then you can 
evaluate how you take care of the box.

The biggest recommendation I can give if you are admining a box, is to 
subscribe to a security mailing list for the OS's you manage - the best are 
located here:

	http://www.securityfocus.com/

They have a ton of OS and hack specific mailing lists that you can monitor 
for exploits that are being attempted.

Also sign up for the CERT alerts here:

	http://www.cert.org/contact_cert/certmaillist.html

Lastly, if you manage NT/2K, get on this list:

	http://www.microsoft.com/technet/security/notify.asp
---
Anthony Baratta
President
Keyboard Jockeys

Previous message: [thelist] Red Hat / Apache / General Security Reviews?
Next message: [thelist] Red Hat / Apache / General Security Reviews?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]