On 26 Sep 2014 at 13:19, Gary Stainburn wrote:

From: Gary Stainburn <gary.stainburn@xxxxxxxxxxxxxx>
Organization: Ringways Garages Ltd
To: Community support for Fedora users <users@xxxxxxxxxxxxxxxxxxxxxxx>
Subject: shellshock - detect in Apache?
Date sent: Fri, 26 Sep 2014 13:19:29 +0100
Send reply to: Community support for Fedora users <users@xxxxxxxxxxxxxxxxxxxxxxx>

> Is there any way to detect an attack within Apache and block it?
>
> I'm thinking of a rule or something to check the user-agent or equiv before
> calling the CGI or PHP etc.
>
> I'm looking to protect some old servers where BASH updates won't be
> forthcoming
>
> (I know the answer is to upgrade the servers, but these aren't my servers and
> it ain't my call)

Another option would be to build the latest version of bash.
ftp://ftp.gnu.org/gnu has several versions of bash; a number of them have
patch directories with a Sep 24th date.

I downloaded ftp://ftp.gnu.org/gnu/bash/bash-4.3.tar.gz and the patches in
ftp://ftp.gnu.org/gnu/bash/bash-4.3-patches/, installed the 25 patches and
then built the code. Running the test on that version of bash passes the test.

Don't know if there would be any issues with then replacing the older bash on
a system with the newly built one, but that didn't take much time to build.

> --
> users mailing list
> users@xxxxxxxxxxxxxxxxxxxxxxx
> To unsubscribe or change subscription options:
> https://admin.fedoraproject.org/mailman/listinfo/users
> Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
> Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
> Have a question? Ask away: http://ask.fedoraproject.org

+----------------------------------------------------------+
Michael D. Setzer II - Computer Science Instructor
Guam Community College Computer Center
mailto:mikes@xxxxxxxxxxxxxxxx
mailto:msetzerii@xxxxxxxxx
http://www.guam.net/home/mikes
Guam - Where America's Day Begins
G4L Disk Imaging Project maintainer
http://sourceforge.net/projects/g4l/
+----------------------------------------------------------+
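The reply above leaves open whether the newly built bash is safe to put in place of the system one. As an added example (not part of the original message or of any project mentioned in it), this script checks a candidate binary before it is swapped in; the function names, the script name and the MARKER string are constructed for the example.

```shell
#!/bin/sh
# Added example, not from the thread: check a freshly built bash binary
# before it replaces the system one. Function names are hypothetical.

# Print the version and patch level the binary reports about itself.
bash_patchlevel() {
    "$1" -c 'echo "${BASH_VERSINFO[0]}.${BASH_VERSINFO[1]} patch ${BASH_VERSINFO[2]}"'
}

# Returns 0 if commands trailing an imported function definition are NOT run,
# 1 if they are (vulnerable), 2 if the binary could not be tested.
check_function_import() {
    [ -x "$1" ] || return 2
    # env -i gives the child an empty environment apart from the probe variable.
    # MARKER is a constructed string; it appears only if the trailing command runs.
    cfi_out=$(env -i probe='() { :;}; echo MARKER' "$1" -c 'echo done' 2>/dev/null)
    case $cfi_out in
        *MARKER*) return 1 ;;
        *done*)   return 0 ;;
        *)        return 2 ;;
    esac
}

# Report one candidate and return the status of the check.
verify_candidate() {
    check_function_import "$1" && vc_rc=0 || vc_rc=$?
    case $vc_rc in
        0) echo "OK   $1 (bash $(bash_patchlevel "$1")): trailing command not executed" ;;
        1) echo "FAIL $1 (bash $(bash_patchlevel "$1")): trailing command executed" ;;
        *) echo "ERR  $1: not an executable bash, or it produced no output" ;;
    esac
    return "$vc_rc"
}

# Usage (hypothetical script name): sh verify-bash.sh /path/to/new/bash /bin/bash
for candidate in "$@"; do
    verify_candidate "$candidate" || overall=1
done
```

The check covers only this one behaviour, so also compare the reported patch level with the current contents of the bash-4.3-patches directory before replacing the old binary.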