[thelist] Red Hat / Apache / General Security Reviews?

Daniel J. Cody djc at starkmedia.com
Sun Apr 22 02:43:53 CDT 2001


Hey Joe -

Joe Crawford wrote:

> So I added a virtual host to it the other day, and about an hour later we
> got hacked (they were very nice, and made backups of the home pages for the
> domains) their tag was "1i0n Crew H.U.C".
> 
> I made some changes to Apache, allowing cgi in any directory a few weeks
> ago.

One thing you wanna make sure you have turned off is the
'IncludesNOEXEC' option of the <Directory> directive. If you have that
enabled, someone could upload a CGI script (e.g. a Perl script) that could
let them do all sorts of nasty things..

Also, are you sure it was Apache that got cracked? Do you have anything
else on that box (DNS, NFS, rsync, MySQL) that could have allowed the
crackers to get in? Apache itself is very secure when config'd properly..

Give some more details and we'll track it down :)

.djc.
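
An added example, not part of the original message: a small Python audit for the settings this thread discusses. It reads an Apache config and lists which sections enable ExecCGI or server-side includes, keeping Includes and IncludesNOEXEC apart. The sample config and its paths are constructed for illustration.

```python
import re
# Constructed sample config (paths are made up, not from the thread).
SAMPLE_CONF = """\
<Directory "/var/www/html">
    Options Indexes FollowSymLinks ExecCGI
    AddHandler cgi-script .cgi .pl
</Directory>
<Directory "/var/www/vhosts/example">
    Options +Includes
</Directory>
<Directory "/var/www/vhosts/static">
    Options -ExecCGI +IncludesNOEXEC
</Directory>
"""

NOTES = {  # Options tokens that turn on CGI or server-side includes (SSI)
    "execcgi": "CGI scripts may execute in this scope",
    "includes": "SSI enabled, including #exec cmd and #exec cgi",
    "includesnoexec": "SSI enabled, #exec cmd and #exec cgi disabled",
    "all": "every option except MultiViews, so ExecCGI and Includes too",
}
SECTION = r"(?:Directory|Location|Files)"

def audit_options(conf_text):
    """Return (scope, option, note) for each Options token enabling CGI or SSI."""
    findings, scope = [], "(server config)"
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):   # blank line or comment
            continue
        opened = re.match(rf"<{SECTION}\w*\s+(.+?)>$", line, re.I)
        if opened:
            scope = opened.group(1).strip('"')
            continue
        if re.match(rf"</{SECTION}", line, re.I):
            scope = "(server config)"
            continue
        parts = line.split()
        if parts[0].lower() != "options":
            continue
        for tok in parts[1:]:
            name = tok.lstrip("+")
            # a "-" prefix switches the option off, so it is not reported
            if not tok.startswith("-") and name.lower() in NOTES:
                findings.append((scope, name, NOTES[name.lower()]))
    return findings

if __name__ == "__main__":
    for scope, option, note in audit_options(SAMPLE_CONF):
        print(f"{scope}: Options {option} -> {note}")
```

Run it against the live httpd.conf and any included vhost files; a scope that reports ExecCGI or Includes on a tree users can write to is the first place to look.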




