[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: possible apache flaw ?
I am the one in charge of most PHP on our site. It has nothing to do with
in php scripts as even the most insecure script would not make apache
"give" someone a shell. I didn't get the chance to portscan the server and
see if it really
binds a shell to some port because of pf having very restrictrive rules but
explain the idling (user 'www' loggued in for 10 minutes idling before I
kill the process).
I will disable pf in a few hours and see if I can get more infos but for now
all I can do
is constantly auditing logs in search of weird things.
-- bofh at kheos.net && skreel.org - bofh, the choice of a degenerated
'Un jour, un canard qui se prénommait Harry dit à une cane: ris, cane ! Et
la cane a ri.'
> On Monday, March 11, 2002 3:00 PM (in Japan) veins warned:
> > yes, everything is up to date, this is what scares me...
> Who's writing the php on your site? Could it have anything to do with
> Joel Rees
> Alps Giken Kansai Systems Develoment
> Suita, Osaka