hacked?

Rick Stevens rstevens at internap.com
Tue Apr 10 16:35:55 UTC 2007


On Mon, 2007-04-09 at 20:39 -0600, Karl Pearson wrote:
> On Mon, April 9, 2007 12:26 pm, Rick Stevens wrote:
<snip>
> >> It seems like I always have to depend on someone to secure the machines to
> >> some extent, whether it's the OS writers, the app writers, or whatever. But,
> >> I'll do my best (and, yes, I am learning!).
> >>
> >> In the .htaccess, it seems that send-as-is *.pdf would not get around this
> >> problem, since the hacker put in something called 100.php.3 . But, could I
> >> put in send-as-is * and just have EVERYTHING sent as is, nothing
> >> interpreted?
> >
> > Yes, that would do it.  And make sure you do that ESPECIALLY in the
> > upload directory.
> 
> Doesn't that prevent index.cgi type files from working correctly?

Yes, it will.  But in an upload directory, who cares?  You don't want
people snooping around in there anyway, do you?  I don't.

In my world, upload directories are quarantined...you can't look into
them, know what's in them and you can't download from them...UNTIL I
look them over and move them to a non-quarantined area.  I also don't
permit CGI scripts of ANY kind to run anywhere on my systems until I've
checked them and given them a clean bill of health.

----------------------------------------------------------------------
- Rick Stevens, Principal Engineer             rstevens at internap.com -
- VitalStream, Inc.                       http://www.vitalstream.com -
-                                                                    -
-         Okay, who put a "stop payment" on my reality check?        -
----------------------------------------------------------------------
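
An added example, not part of the original post: a Python audit of a quarantined upload directory, run before anything is moved out of it. It relies on Apache's mod_mime honouring every dot-separated extension of a file name, which is why a name like `100.php.3` matters; the `SCRIPT_EXTS` set and the function names are hypothetical and should be matched to the local server configuration.

```python
import os
import stat
import tempfile

# Assumption: extensions this server hands to an interpreter; match your own config.
SCRIPT_EXTS = {"php", "php3", "php4", "php5", "phtml", "cgi", "pl", "py", "sh"}


def script_extensions(filename, script_exts=SCRIPT_EXTS):
    """Return every extension of filename, in any position, that maps to a script.

    Apache's mod_mime looks at each dot-separated extension, not only the
    last one, so "100.php.3" still carries "php".
    """
    parts = filename.lower().split(".")
    return [p for p in parts[1:] if p in script_exts]


def audit_upload_dir(root, script_exts=SCRIPT_EXTS):
    """Walk root and return sorted (relative_path, reason) pairs needing review."""
    findings = []
    for dirpath, _dirs, filenames in os.walk(root):
        for name in filenames:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root)
            hits = script_extensions(name, script_exts)
            if hits:
                findings.append((rel, "script extension: " + ",".join(hits)))
            mode = os.lstat(path).st_mode
            if stat.S_ISREG(mode) and mode & 0o111:
                findings.append((rel, "execute bit set"))
    return sorted(findings)


def demo():
    """Build a constructed upload directory and audit it."""
    with tempfile.TemporaryDirectory() as root:
        for name in ("100.php.3", "report.pdf", "photo.jpg", "run.cgi"):
            with open(os.path.join(root, name), "w") as fh:
                fh.write("constructed sample\n")
        os.chmod(os.path.join(root, "run.cgi"), 0o755)
        return audit_upload_dir(root)


if __name__ == "__main__":
    for rel, reason in demo():
        print(f"{rel}: {reason}")
```

Files that come back with no finding still need the manual look described above; the audit only catches names and modes, not content.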



