Mike McCarty wrote:
Gene Heskett wrote:
On Tuesday 24 January 2006 14:20, Mike Klinke wrote:
On Tuesday 24 January 2006 13:08, Mike McCarty wrote:
I'm a little shocked at this, frankly. I Googled around, and
found mentions of the Slapper going back to 2002. Why is it that
this exploit (and variations of it) haven't all been stamped
out years ago?
Read the link I posted yesterday, according to them, it's been
rewritten to exploit new ways to get in to your box.
http://www.lurhq.com/slapperv2.html
If this file mentioned on the site doesn't exist on any of my systems,
is it safe to assume relative safety against this attack?
I would think so when combined with the ISP's (vz) blocking of port
80, but what do I know... Thats why I asked, Mike.
I suppose you mean "Mike Klinke" and not "Mike McCarty" :-)
I dunno. I just ran
# find / -nmae xmlrpc.php -print
What I get for typing that in instead of cut and paste.
Of course, that was "name" not "nmae".
Mike
--
p="p=%c%s%c;main(){printf(p,34,p,34);}";main(){printf(p,34,p,34);}
This message made from 100% recycled bits.
You have found the bank of Larn.
I can explain it for you, but I can't understand it for you.
I speak only for myself, and I am unanimous in that!
--
fedora-legacy-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-legacy-list
