[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> wrote on :
> On Wed, Mar 15, 2006 at 12:31:06PM +0000, Gaby vanhegan wrote: >> 1. How do I find out their attack vector? I have had a nessus scan >> performed on the machine, but it did not present any security (I can >> supply on request). I've checked the security releases in >> security.html and there are no pertinent ones for httpd. Snort has >> provided little useful information (I can provide access to the >> snort logs if required). Your access log only shows the request errors (404, 408) this makes it useless for finding the entry point (which would be logged with 2xx) assuming it's httpd. The error log looks kinda scary... btw rotating the logs makes them easier to manage) >> 2. If I can't stop them getting in, is there any way to observe what >> they're doing, or how they're doing it, so I can get a pointer to >> the hole. >> >> i've run out of ideas here. Can you help? > > php is old, and best avoided as a matter of general principle. There > have been several security bugs found and fixed since 4.3.8. my bets are on php -- drs. Mark C. Prins Spatial Fusion Specialist / Network Administration SkypeMe@ skype:mark.prins-caris.nl -- ________________________________________________________ CARIS Geographic Information Systems BV phone: +31 413 296 010 fax: +31 413 296 012 web: http://www.caris.nl product support: [EMAIL PROTECTED] sales/marketing: [EMAIL PROTECTED] ________________________________________________________ This email contains confidential information for the intended recipient. If you are not the intended addressee, please notify us immediately. You should not use, disclose, distribute or copy this communication if received in error. No binding contract will result from this message until such a time as a written contract has been signed on behalf of the company named above. ________________________________________________________ This message has been scanned for viruses using McAfee Groupshield. This message may have been modified by the virusscanner. ________________________________________________________ We are exhibiting at Oceanology International London. Visit us on stand 931. For more information visit www.oi06.com
