Re: Centos 5.3 -> Apache - Under Attack ? Oh hell....

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

On Wed, 2009-06-03 at 00:46 -0500, John R. Dennison wrote:
> On Wed, Jun 03, 2009 at 12:30:10AM -0500, Neil Aggarwal wrote:
> > 
> > It would be prudent to review his web code to see
> > if he did something in an insecure way.  If his code
> > is open to attack, it will be so even if he puts it
> > on a new machine.
> 
> 	Hence my statements to evaluate the web-apps he has running :)
> 
> 	I will bet dollars to donuts he had a web app with a known issue
> 	that was not patched.  Also goes back to my previous statement
> 	of fully patching.
> 
---
Dollars to Donuts ehhh???
How many donuts you think it will take to pay for legal costs and clean
up if there are customer data on the machine? I think right about now I
would:
1. Notify Risk Management and Your Compliancy Officer.
2. Take it off the network connections.
3. Do a live rsync and dd image + ram copy = running processes/hidden.
4. Same as 3. but with the machine off.
5. The company attorney needs to be notified.
6. By State and Federal Law in the US you have so many days to report
incidents like this to users (customers) and law enforcement.

JohnStanley

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux