Another security problem..
Matthew Nuzum
matt.followers at gmail.com
Thu Oct 20 19:38:52 UTC 2005
> From: fedora-legacy-list-bounces at redhat.com [mailto:fedora-legacy-list-
> bounces at redhat.com] On Behalf Of Jim Popovitch
> Sent: Thursday, October 20, 2005 11:59 AM
> Subject: Re: Another security problem..
>
> Another? Heck, that's old stuff from quite some time (Internet time)
> ago. If I had a nickel for every invalid file access attempt..... ;-)
>
> -Jim P.
>
A little over a week ago, someone was running nessus against one of my
servers and it was hitting it so hard the server load soared. I'm not sure
what they were doing because when I run nessus (even on the same server) the
server load doesn't do that.
But that's not my point... if you run a web-facing server there are some
plugins for nessus that cause it to search for known-vulnerable web
applications and such. It's a good idea to run it periodically so that you
can find if you're exposed before someone else does.
I've not looked into it, but it would be nice if there was some *simple* to
maintain script that would detect these types of probes and automatically
add the IP to hosts.deny and etc.
--
Matthew Nuzum <matt at followers.net>
www.followers.net - Makers of "Elite Content Management System"
View samples of Elite CMS in action by visiting
http://www.followers.net/portfolio/
More information about the fedora-legacy-list
mailing list