Found, a new rootkit
Edward Krack
ekrack at sigecom.net
Tue Apr 4 01:43:13 UTC 2006
Gene Heskett:
> In doing some checking of a web server, we found an irc port open on
> 31377, one of the black hatters favorites. A port that portsentry was
> supposed to be rejecting but wasn't.
Why would your web server be write-able?
Configure Secure Defaults:
<Directory />
Order Deny,Allow
Deny from all
</Directory>
<Directory /path/to/html/docs>
Order Allow,Deny
Allow from all
</Directory>
Just my 2 cents.
Krack
More information about the fedora-list
mailing list