Re: firewall?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

On 07/17/11 1:24 AM, Ljubomir Ljubojevic wrote:
> If you check the frequency of Apache (httpd) security bugs on CentOS
> 5.x, I think you will see several Denial Of Service bugs, but only one
> or two that would allow code execution. And bug reports for Apache are
> made to secure mailing list so rest of the world is not aware of them
> until they are already fixed.
>
> So I would not be overly concerned about HTTP tunneling attacks.

most successful exploits of 'nix web servers involve poorly implemented 
user code, such as exploitable PHP, perl cgi, etc, things that allow sql 
insertion attacks, etc etc.

http://xkcd.com/327/



-- 
john r pierce                            N 37, W 122
santa cruz ca                         mid-left coast

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux