On Tuesday 24 January 2006 15:18, Mike McCarty wrote:
>Gene Heskett wrote:
>> On Tuesday 24 January 2006 14:20, Mike Klinke wrote:
>>>On Tuesday 24 January 2006 13:08, Mike McCarty wrote:
>>>>I'm a little shocked at this, frankly. I Googled around, and
>>>>found mentions of the Slapper going back to 2002. Why is it that
>>>>this exploit (and variations of it) haven't all been stamped
>>>>out years ago?
>>>
>>>Read the link I posted yesterday; according to them, it's been
>>>rewritten to exploit new ways to get in to your box.
>>>
>>>http://www.lurhq.com/slapperv2.html
>>
>> If this file mentioned on the site doesn't exist on any of my
>> systems, is it safe to assume relative safety against this attack?
>>
>> I would think so when combined with the ISP's (vz) blocking of port
>> 80, but what do I know... That's why I asked, Mike.
>
>I suppose you mean "Mike Klinke" and not "Mike McCarty" :-)
>
Well (chuckle), I was replying to Mike Klinke, but anyone who knows the
answer is welcome to chime in with their 2 cents.

>I dunno. I just ran
>
># find / -name xmlrpc.php -print
>
>and didn't come up with anything. But that's expected, since
>I run behind a router set up as a firewall, completely stealth
>except for the e-mail challenge port (which is closed). A
>
>$ ps -A | grep pache
>$ ps -A | grep ssl
>
>doesn't show anything, so Apache isn't running, and I guess
>SSL isn't either.
>
>Mike

IIRC the httpd is running on that box as I used localhost:631 to
configure cups not too long ago, which reminds me, I need to redo that
because I've traded gutenprint-5.0.0beta2 for gutenprint-5.0.0-rc2 on
this, the print server. But that's a RH7.3 box so the apache is a
1.3.something, but up to date AFAIK.

--
Cheers, Gene
People having trouble with vz bouncing email to me should add the word
'online' between the 'verizon', and the dot which bypasses vz's
stupid bounce rules. I do use spamassassin too. :-)
Yahoo.com and AOL/TW attorneys please note, additions to the above
message by Gene Heskett are:
Copyright 2005 by Maurice Eugene Heskett, all rights reserved.

--
fedora-legacy-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-legacy-list
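
An added example, not part of the thread or written by any of its posters: a small shell check for the two things discussed above, the presence of `xmlrpc.php` and a running web server. The function names are hypothetical, and the process list matches `httpd` as well as `apache` because Red Hat and Fedora name the Apache process `httpd`, which a grep for `pache` does not match.

```shell
#!/bin/sh
# Added example (function names are hypothetical, not from the thread).

# Print every regular file named xmlrpc.php below the given root (default /).
# Errors from unreadable directories are hidden and do not fail the check.
find_xmlrpc() {
    find "${1:-/}" -type f -name 'xmlrpc.php' -print 2>/dev/null || true
}

# Read process names on stdin, one per line (as printed by `ps -A -o comm=`),
# and print each distinct name that looks like a web server.
# Red Hat style systems call Apache "httpd"; Debian style systems "apache2".
web_server_procs() {
    awk '/^(httpd|apache|lighttpd|nginx)/ && !seen[$0]++'
}

# Run both checks against a root directory.
# Returns 0 when nothing was found, 1 when there is something to review.
check_host() {
    root=${1:-/}
    files=$(find_xmlrpc "$root")
    procs=$(ps -A -o comm= | web_server_procs)
    if [ -n "$files" ]; then
        printf 'xmlrpc.php present:\n%s\n' "$files"
    fi
    if [ -n "$procs" ]; then
        # Unquoted on purpose: joins the names onto one line.
        printf 'web server processes running: %s\n' "$(echo $procs)"
    fi
    [ -z "$files" ] && [ -z "$procs" ]
}

# Set RUN_CHECK=1 to scan this host, optionally passing a root directory.
if [ "${RUN_CHECK:-0}" = 1 ]; then
    check_host "${1:-/}"
fi
```

A clean result only says the file and a web server process were not found on this host at the time of the scan; it does not cover other hosts behind the same router.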