[haiku-sysadmin] Re: Notification for 78.46.189.221 -> port80:ERROR / port22:ERROR / port443:ERROR / ping:ERROR
- From: waddlesplash <waddlesplash@xxxxxxxxx>
- To: haiku-sysadmin@xxxxxxxxxxxxx
- Date: Tue, 22 Sep 2015 23:31:48 -0400
On Tue, Sep 22, 2015 at 11:04 PM, <kallisti5@xxxxxxxxxxx> wrote:
My recommendation is to lock down baron and vmweb.
Urias, only allow yourself access. I can easily assume you
had nothing to do with what's going on currently.
We need to re-validate that things are secure and try to
figure out what's going on.
I don't know what's going on - I haven't logged in since the sudo
incident. I do know that a Drupal vulnerability was patched about a
week ago, and we were a bit late in patching; but Drupal/PHP/Apache
don't run as root, so an attacker shouldn't have been able to cause
this, even if they did get in...
-waddlesplash
Other related posts: