On Monday 11 April 2005 15:44, Chris Kenward wrote: > Hey Reuben > > > It's a posibility. If your apache is compromised through one of > > the vulnerable program/package (eg. cgi stuff) that is run there, > > then it's possible for hacker to get shell access, and basically > > download anything that the hacker wants to your machine, like more > > exploit, IRC bots, etc. > > What are you trying to do - spoil my day? <chuckle> Now, why would I want to do that ? :) > The problem is there is just so much stuff that can be changed - I mean > there are just hundreds of websites on this particular server. Although > it's not been compromised more than this couple of timese in the last > couple of years, it seems that fighting it is a losing battle designed to > lose us our hair and put the blood pressure up. As I said earlier, security is a process. It's also a judgement call. There is no such thing that "my system is completely secure". At some point you have to decide whether you can be reasonably confident that your system is secure. On the practical side, it's also good to know what's going on the machine. Keep track of third party software installed, keep on top of vulnerabilities for these software, always updates as soon as possible when there is updates (in this case, from RHN). These are few basic things that a sysadmin should do. I know other folks here who has much more experience who can probably say this in much better way. I am myself still learning about all these. RDB -- Reuben D. Budiardja Dept. Physics and Astronomy University of Tennessee, Knoxville, TN -----BEGIN GEEK CODE BLOCK----- Version: 3.12 GIT/M/MU/P/S d-(++) s: a-- C++(+++) UL++++ P-- L+++>++++ E- W+++ N+ o? K- w--- !O M- V? !PS !PE Y PGP- t+ 5 X R- tv+ b++>+++ DI D(+) G e++>++++ h+(*) r++ y->++++ ------END GEEK CODE BLOCK------ -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list