Date: Wed, 16 Nov 2005 21:51:08 -0500 From: "Steve Bertrand" <iaccounts@ibctech.ca> To: "'kalin mintchev'" <kalin@el.net>, "'Steve Bertrand'" <iaccounts@ibctech.ca> Cc: 'FreeBSD Questions' <questions@freebsd.org>, 'Mark Jayson Alvarez' <jay2xra@yahoo.com> Subject: RE: Need urgent help regarding security Message-ID: <20051117025112.3707143D45@mx1.FreeBSD.org> In-Reply-To: <51190.68.165.89.71.1132194943.squirrel@mail.el.net>
next in thread | previous in thread | raw e-mail | index | archive | help
> > # ls -la /tmp > > also /var/tmp Indeed, many people would install with a /var partition, which would put /tmp under /var via symlink, but a good point. > if you run awstats or phpBB - upgrade... Agreed, but even phpBB may not be the fault. Many problems with PHP come with the binary, not necissarily the app that uses it. However...like I said before...it's best not to panic, and what you DON'T want, is for the invader to know you are looking. It's best (IMHO), to walk around him/her, until you find their access point and intention, then go from there. Most *((cr/h)ackers* (and I use that term VERY loosely (aka: script kiddies)) are interested in rooting a box, and setting up a storage/sharing area that is free to them. This may not be the case, but it's better to 'observe' your foreign presence first. If it is a real blackhat, you don't want to go pissing all over his work before you have evidence, lest he pisses back on you...as he will. Otherwise, if it's a kiddie, there are simple ways to deal with that, and learn from your vulnerabilities...always with the expectation that the next hack will be from someone who didn't just download a vulnerability from the 'net, and come across you with a point-and-click-type scanner in a GUI interface. Only my .02 Steve > > >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20051117025112.3707143D45>