Results 1 to 5 of 5

Thread: Linux webserver admins need to do their updates too :)

  1. #1
    Administrator Moby-Dick's Avatar
    Join Date
    Jul 2003
    Location
    There's no place like ::1 (IPv6 version)
    Posts
    10,665
    Thanks
    53
    Thanked
    385 times in 314 posts

    Linux webserver admins need to do their updates too :)

    Its not just our humble boxes that need a patch from time to time

    http://www.theregister.co.uk/2006/02/20/linux_worm/

    I'd better put a bit of a disclaimer here : I'm not trying to be smug about the existance of Malware that can affect Linux systems , I post up litttle reminders for as many systems as I am aware of. Its just highlighting the importance of keeping your kit up to date , no matter what it runs on.
    my Virtualisation Blog http://jfvi.co.uk Virtualisation Podcast http://vsoup.net

  2. #2
    The late but legendary peterb - Onward and Upward peterb's Avatar
    Join Date
    Aug 2005
    Location
    Looking down & checking on swearing
    Posts
    19,378
    Thanks
    2,892
    Thanked
    3,403 times in 2,693 posts
    Very timely warning that regardless of operating system, you cnnot be complacent about keeping systems/applications up to date. Also worth repeating that applications are prone to security exploits, even if the underlying OS is 'secure' - unless you are using an evaluated and trusted computing base - and even then there is no room for complacency.
    (\__/)
    (='.'=)
    (")_(")

    Been helped or just 'Like' a post? Use the Thanks button!
    My broadband speed - 750 Meganibbles/minute

  3. #3
    Seething Cauldron of Hatred TheAnimus's Avatar
    Join Date
    Aug 2005
    Posts
    17,164
    Thanks
    803
    Thanked
    2,152 times in 1,408 posts
    an underlying OS can be secure, its normally not the kernels fault what happens!

    Patching is very important, and hopefully a regular at risk period for patching can be achived
    throw new ArgumentException (String, String, Exception)

  4. #4
    Senile Member
    Join Date
    Dec 2003
    Posts
    442
    Thanks
    3
    Thanked
    0 times in 0 posts
    I was surprised to see a lot of convoluted XML requests for PHP files on my server today (especially I don't run any PHP!).

    As above the OS could be totally flawless but if you run badly programmed apps then they will be your downfall.

    Presumably it would have been as easy to compromise a windows server running these particular PHP apps too (ISTR PHP is available for windows or do i remember wrong?).

  5. #5
    The late but legendary peterb - Onward and Upward peterb's Avatar
    Join Date
    Aug 2005
    Location
    Looking down & checking on swearing
    Posts
    19,378
    Thanks
    2,892
    Thanked
    3,403 times in 2,693 posts
    The register article implies that it is *nix platforms that are particularly vulnerable. I haven't looked at this in depth, but possibly because the PHP interpreter runs with root priviliges, or it subverts the underlying web server (Apache ecommend that a 'ghost' user and group is created just to run Apache to minimise the risk of running as root).

    But I'm not a PHP expert and I havene't seen any other info...

    Edit - just found this... http://www.f-secure.com/v-descs/mare_d.shtml
    Last edited by peterb; 21-02-2006 at 09:57 AM.
    (\__/)
    (='.'=)
    (")_(")

    Been helped or just 'Like' a post? Use the Thanks button!
    My broadband speed - 750 Meganibbles/minute

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Linux - Anyone educated in it?
    By gamezfreak in forum Software
    Replies: 19
    Last Post: 12-12-2007, 10:42 AM
  2. Run Windows software on Linspire desktop Linux
    By Bob Crabtree in forum HEXUS News
    Replies: 0
    Last Post: 09-02-2006, 01:16 AM
  3. Moving from XP to Linux
    By Ceefer in forum Software
    Replies: 8
    Last Post: 25-04-2005, 09:27 AM
  4. We heard your feedback on Newegg....
    By DR in forum General Discussion
    Replies: 33
    Last Post: 05-03-2005, 08:13 PM
  5. setting up a webserver
    By Gubs in forum Networking and Broadband
    Replies: 6
    Last Post: 16-09-2003, 12:49 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •