[Ilugc] reg apache security
- From: phani@xxxxxxxxxxxxx (phani@xxxxxxxxxxxxx)
- Date: Mon, 28 Oct 2002 20:15:48 +0530
On Mon, Oct 28, 2002 at 06:00:29PM +0530, sathish wrote:
hi,
Hi all
iam maintaining webserver here with inbound policy in my router for http,
smtp and pops.
iam using kernel version 2.4 ..
iam seeing some security breach as of now.
when i login and logout using my username iam seeing some info in french
or some language which iam not able to find out.
is it possible to come in though http port and handle my server.
is any solution to deny in apache too.
if so please help me about this.iam worried about other data server being
attacked through this webserver which are in one lan..
Yes of course it is possible to come in thru the http port. There was a recent
buffer overflow exploit for Apache which was released (i think by cert, check
em up).
It is also possible to attack other servers thru this server, but again it
depends on the attacker knowing your n/w architecture. I guess it would not be
very difficult to guess something like that, but if you are securing your data
server then the chances could be minimal.
If you are looking at some strange text then the first place to start would be
the apache logs. check em up. May be u can sanitize the IPs and post a snapshot
of the logs. Ppl might help you out.
hth
phani
Other related posts: