Security Breach ?

[Chris Strzelczyk]

>
> The key question is  "As far as I understand this vulnerability it is
> limited to the user Apache is run by correct?"
>
> The answer is you don't know how far they went.
>
> Once you have local access then you can use a second exploit to get
> root access, or attack another system using the owned system.  If the
> user apache was not configured properly then they may have been able
> to steal the shadow file and crack your passwords.

This is very true.  I am building another box to replace this one which 
will happen today.  Mean while I am
monitoring connections on the box.  This is the best I can do to limit 
down time.  I have seen no suspicious activity
since.  "As far as I know".
>
> Please do everyone a favor, if you have not already done this.  Pull
> the plug, yes I mean this and I mean right now.  Don't power it back
> up until you have the CD's to reload it, without a network connection.
>  You have seen the rest in other posts.

Yes the box will be going down.  I agree this is the best way to be 
sure is wipe the drive clean.
>
> May be it will help if you understand that CISSP is Certified
> Information Systems Security Professional and requires a minimum of 2
> years experience and passing a 6 hour exam.  In other words I'm not
> just making this up.

I know what CISSP means I work right next to one.  But thanks :)  
Someday I would like to take the exam
but I'm only 25 and I figure I can use more experience.  Acutally I 
figure I need more experience, I'll put this
in the lessons learned column.
>
> -- 
> Leonard Isham, CISSP
> Ostendo non ostento.
>
> -- 
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
>