On Sun, Jan 1, 2012 at 6:03 PM, Fajar Priyanto <fajarpri@xxxxxxxxxx> wrote:
> On Mon, Jan 2, 2012 at 9:33 AM, RILINDO FOSTER <rilindo@xxxxxx> wrote:
> > The script in question is an exploit from a web board which is
> apparently designed to pull outside traffic. If you had SELinux, it would
> put httpd in its own context and by default, it will NOT allow connections
> from that context to another. You have to enable it with:
>
> The only time my server got hacked was because of phpBB. Using
> cross-site scripting, the hacker managed to put a pl file and when I
> ran it, it opened a console.
> Apparently you are running one of the web boards.
>
I'm not running phpBB or vBulletin. The script apparently runs on machine
X to attack a *different* machine Y where machine Y has vBulletin installed
on it.
> Pls follow up any
> security advisories of that product and any addon/module closely.
>
> If you are really curious how yours got hack. You can setup similar
> system and put a bounty (maybe $1000) in one of the underground
> community for anyone to hack it and tell you how they do it.
>
>
>
Is there a non-"underground" place to post such requests? It's not illegal
to offer a bounty to someone for finding a security hole in your system --
Facebook, Google, and Mozilla all do it.
Bennett
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
