Need urgent help regarding security
iaccounts at ibctech.ca
Thu Nov 17 02:51:14 GMT 2005
> > # ls -la /tmp
> also /var/tmp
Indeed, many people would install with a /var partition, which would put
/tmp under /var via symlink, but a good point.
> if you run awstats or phpBB - upgrade...
Agreed, but even phpBB may not be the fault. Many problems with PHP come
with the binary, not necissarily the app that uses it. However...like I
said before...it's best not to panic, and what you DON'T want, is for
the invader to know you are looking.
It's best (IMHO), to walk around him/her, until you find their access
point and intention, then go from there.
Most *((cr/h)ackers* (and I use that term VERY loosely (aka: script
kiddies)) are interested in rooting a box, and setting up a
storage/sharing area that is free to them. This may not be the case, but
it's better to 'observe' your foreign presence first.
If it is a real blackhat, you don't want to go pissing all over his work
before you have evidence, lest he pisses back on you...as he will.
Otherwise, if it's a kiddie, there are simple ways to deal with that,
and learn from your vulnerabilities...always with the expectation that
the next hack will be from someone who didn't just download a
vulnerability from the 'net, and come across you with a
point-and-click-type scanner in a GUI interface.
Only my .02
More information about the freebsd-questions