Need urgent help regarding security

Steve Bertrand iaccounts at
Thu Nov 17 02:51:14 GMT 2005


> > # ls -la /tmp
> also /var/tmp

Indeed, many people would install with a /var partition, which would put
/tmp under /var via symlink, but a good point.

> if you run awstats or phpBB - upgrade...

Agreed, but even phpBB may not be the fault. Many problems with PHP come
with the binary, not necissarily the app that uses it. I
said's best not to panic, and what you DON'T want, is for
the invader to know you are looking.

It's best (IMHO), to walk around him/her, until you find their access
point and intention, then go from there.

Most *((cr/h)ackers* (and I use that term VERY loosely (aka: script
kiddies)) are interested in rooting a box, and setting up a
storage/sharing area that is free to them. This may not be the case, but
it's better to 'observe' your foreign presence first.

If it is a real blackhat, you don't want to go pissing all over his work
before you have evidence, lest he pisses back on he will.
Otherwise, if it's a kiddie, there are simple ways to deal with that,
and learn from your vulnerabilities...always with the expectation that
the next hack will be from someone who didn't just download a
vulnerability from the 'net, and come across you with a
point-and-click-type scanner in a GUI interface.

Only my .02



More information about the freebsd-questions mailing list