Re: Attack ???

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Tiago,

  Do an assessment on your Linux box and check out for the vulnerabilities 
(Like phf).  Then do an analysis for the log files. 
  If your system is vulnerable then there are chances of gaining the access 
to your network.
Dharmu

On Friday 15 March 2002 06:38 pm, Tiago Fioreze wrote:
>   Hi Dharmendra !!!
>
>   I didn't write none php cgi-bin script. I am distrustful that it is the
> second hypothesis, but I think odd that the logs in Apache does not seem
> www solicitations.
>
>   What I make ?
>
>   Tiago Fioreze
>
> Citando "Dharmendra.T" <dharmu@nsecure.net>:
> > Hi ,
> > I hope you have written php cgi-bin script. And when the user try to
> > access
> >
> > some document in the cgi-bin directory it is looking for the php in
> > /usr/local/bin/php.
> > Another chance is somebody trying the phf exploit on your machine.
> > Regards
> > Dharmendra.T
> > Linux Security Expert
> > www.nsecure.net
> >
> > On Friday 15 March 2002 02:12 am, Tiago Fioreze wrote:
> > >         Hi all !!!
> > >
> > >         I'm noting the following message in my error_log file
> > > of Apache :
> > >
> > >  sh: /usr/local/bin/ph:  não localizado.
> > >  sh: /usr/local/bin/ph:  não localizado.
> > >  sh: /usr/local/bin/ph:  não localizado.
> > >  sh: /usr/local/bin/ph:  não localizado.
> > >  sh: /usr/local/bin/ph:  não localizado.
> > >  sh: /usr/local/bin/ph:  não localizado.
> > >
> > >         PS. 'não localizado' = not located
> > >
> > >         What's this ?
> > >
> > >         Thanks a lot !
> > >
> > >         Tiago Fioreze
> > >
> > > -----------------------------------------------------------------------
> > >- To unsubscribe email security-discuss-request@linuxsecurity.com with
> > > "unsubscribe" in the subject of the message.
> >
> > ------------------------------------------------------------------------
> >      To unsubscribe email security-discuss-request@linuxsecurity.com
> >          with "unsubscribe" in the subject of the message.
>
> ------------------------------------------------------------------------
>      To unsubscribe email security-discuss-request@linuxsecurity.com
>          with "unsubscribe" in the subject of the message.

------------------------------------------------------------------------
     To unsubscribe email security-discuss-request@linuxsecurity.com
         with "unsubscribe" in the subject of the message.
[Index of Archives]     [Fedora Announce]     [Linux Crypto]     [Kernel]     [Netfilter]     [Bugtraq]     [USB]     [Fedora Security]

  Powered by Linux