Security Breach ?
Chris Strzelczyk
cstrzelczyk at nobletechnology.net
Thu Mar 3 14:43:46 UTC 2005
>
> The key question is "As far as I understand this vulnerability it is
> limited to the user Apache is run by correct?"
>
> The answer is you don't know how far they went.
>
> Once you have local access then you can use a second exploit to get
> root access, or attack another system using the owned system. If the
> user apache was not configured properly then they may have been able
> to steal the shadow file and crack your passwords.
This is very true. I am building another box to replace this one, which
will happen today. Meanwhile I am monitoring connections on the box.
This is the best I can do to limit downtime. I have seen no suspicious
activity since. "As far as I know".
>
> Please do everyone a favor, if you have not already done this. Pull
> the plug, yes I mean this and I mean right now. Don't power it back
> up until you have the CD's to reload it, without a network connection.
> You have seen the rest in other posts.
Yes, the box will be going down. I agree the best way to be sure is to
wipe the drive clean.
>
> Maybe it will help if you understand that CISSP is Certified
> Information Systems Security Professional and requires a minimum of 2
> years experience and passing a 6 hour exam. In other words I'm not
> just making this up.
I know what CISSP means; I work right next to one. But thanks :)
Someday I would like to take the exam, but I'm only 25 and I figure I
can use more experience. Actually, I figure I need more experience. I'll
put this in the lessons learned column.
>
> --
> Leonard Isham, CISSP
> Ostendo non ostento.