[thelist] Red Hat / Apache / General Security Reviews?
Daniel J. Cody
djc at starkmedia.com
Sun Apr 22 02:43:53 CDT 2001

Hey Joe -

Joe Crawford wrote:
> So I added a virtual host to it the other day, and about an hour later we
> got hacked (they were very nice, and made backups of the home pages for the
> domains) their tag was "1i0n Crew H.U.C".
>
> I made some changes to Apache, allowing cgi in any directory a few weeks
> ago.

One thing you wanna make sure you have turned off is the
'IncludesNOEXEC' option of the <directory> directive. If you have that
enabled, someone could upload a CGI script (e.g. Perl script) that could
let them do all sorts of nasty things..

Also, are you sure it was Apache that got cracked? Do you have anything
else on that box (DNS, NFS, rsync, MySQL) that could have allowed the
crackers to get in? Apache itself is very secure when config'd properly..

Give some more details and we'll track it down :)

.djc.
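
An added example, not part of the original message: a simplified audit of `<Directory>` sections that computes each directory's effective `Options` (including inherited ones) and flags `ExecCGI` outside a designated CGI directory and `Includes`, which, unlike `IncludesNOEXEC`, lets SSI pages use `#exec`. The sample config, `CGI_ALLOWED`, and the function names are constructed for illustration; `.htaccess` overrides and `<DirectoryMatch>` are not modelled.

```python
import re

# Constructed sample httpd.conf fragment (not taken from the thread).
SAMPLE_CONF = '''
<Directory "/var/www">
    Options Indexes Includes ExecCGI
</Directory>
<Directory "/var/www/uploads">
    Options -Indexes
</Directory>
<Directory "/var/www/ssi">
    Options IncludesNOEXEC
</Directory>
<Directory "/var/www/cgi-bin">
    Options ExecCGI
</Directory>
'''
CGI_ALLOWED = {"/var/www/cgi-bin"}  # assumption: the only place CGI should run
SECTION = re.compile(r'<Directory\s+"?([^">]+)"?\s*>(.*?)</Directory>', re.S | re.I)
OPTIONS = re.compile(r'^\s*Options\s+(.+)$', re.M | re.I)

def merge(inherited, tokens):
    """All-+/- lines merge with inherited options; any other line replaces them
    (simplification: mixed lines are treated as a replace)."""
    opts = set(inherited) if all(t[0] in "+-" for t in tokens) else set()
    for t in tokens:
        (opts.discard if t[0] == "-" else opts.add)(t.lstrip("+-").lower())
    return opts

def audit(conf):
    """Return {directory: [findings]} based on effective (inherited) Options."""
    sections = sorted(((p.strip(), b) for p, b in SECTION.findall(conf)),
                      key=lambda s: len(s[0]))
    effective, findings = {}, {}
    for path, body in sections:  # shortest path first, so parents come first
        parents = [p for p in effective if path.startswith(p.rstrip("/") + "/")]
        opts = effective[max(parents, key=len)] if parents else set()
        for line in OPTIONS.findall(body):
            opts = merge(opts, line.split())
        effective[path] = opts
        issues = []
        if "execcgi" in opts and path not in CGI_ALLOWED:
            issues.append("ExecCGI outside designated CGI directory")
        if "includes" in opts:
            issues.append("Includes allows SSI #exec; IncludesNOEXEC does not")
        if issues:
            findings[path] = issues
    return findings
```

On the sample, `/var/www/uploads` is flagged even though its own `Options -Indexes` line mentions neither option, because both are inherited from `/var/www`.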