PHP Attacks....
James Kosin
jkosin at beta.intcomgrp.com
Wed Nov 9 15:26:48 UTC 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160
Everyone,
In light of the recent PHP attacks, I've added as a precautionary
measure the mod_security module to my RPM for the httpd (Apache) web
server to help secure things more.
I haven't experienced the problem; yet, KNOCKING on WOOD LOUDLY. But
with the recent spike of activity of this worm, I have to take
proactive action. Anyone using my version of the updates can disable
the security module by going to /etc/httpd/conf.d/security.conf and
commenting out the LoadModule line in the configuration file.
I'll probably be acting by updating PHP also for FC1, if someone
doesn't get going on this for FC1 & FC2 builds... which seem to be
susceptible to this attach.
http://support.intcomgrp.com/~jkosin
James Kosin
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFDchU4kNLDmnu1kSkRA27TAJ0R6ujZEbMu42H/xxwk7trIb2o51QCgg+yG
b3b9F4EZEoP1bUGA8Mmlz2I=
=D6S2
-----END PGP SIGNATURE-----
--
Scanned by ClamAV - http://www.clamav.net
More information about the fedora-legacy-list
mailing list