[Gllug] Apache mod_ssl

Jason Clifford jason at ukpost.com
Thu Aug 12 07:55:45 UTC 2004


On Wed, 11 Aug 2004, Xander D Harkness wrote:

> Thanks for all the feedback, I was hanging out with a load of guys who 
> had also managed servers for ISPs and there was absolutely no firm or 
> agreed method of handling certs and passwords :-)
> 
> I was also wondering if people who managed shared hosting environments 
> did anything to monitor vulnerable scripts or cgi programs.  The most 
> obvious is formmail.cgi that has long been exploited by spammers of all 
> varieties.
> 
> I currently use snort which picks up a lot of scripts and other 
> files passing across the network.  Any other ideas?

It's a hard one (as the weekend's nightmare showed). Not only do you need 
to catch all the known scripts that have security flaws but you also have 
to try and combat the unknown ones - i.e. those written by users themselves.

I don't know the answer to this other than to provide some basic advice on 
handling input in scripts including example code.

As to scripts or applications from outside developers I have banned a 
couple including Matt's formmail and, now, ikonboard.

When considering formmail do remember that the NMS version is safe enough.

Jason Clifford
-- 
UKFSN.ORG		Finance Free Software while you surf the 'net
http://www.ukfsn.org/	   ADSL Broadband from just £22.50 / month 
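
The input handling a form-to-mail script needs, as an added example that is not part of the original message or of any project named in it: the recipient is picked from an operator-defined allow-list instead of being taken from the form, and header fields containing line breaks are refused. The addresses, form field names and length limits are assumptions made up for the illustration.

```python
from email.message import EmailMessage

# Assumption: recipients are fixed by the site operator, never supplied by the form.
ALLOWED_RECIPIENTS = {
    "sales": "sales@example.org",      # constructed addresses
    "support": "support@example.org",
}
MAX_SUBJECT = 120
MAX_ADDRESS = 254
MAX_BODY = 10_000


class RejectedInput(ValueError):
    """Raised when a submitted field fails validation."""


def clean_header(value, limit):
    # A CR or LF inside a header value would let the client append
    # headers of its own (extra To:/Bcc: lines), so refuse it outright.
    if "\r" in value or "\n" in value:
        raise RejectedInput("line break in header field")
    value = value.strip()
    if not value or len(value) > limit:
        raise RejectedInput("header field empty or too long")
    return value


def build_message(form):
    # The form sends a short key, not an address; unknown keys are refused.
    key = form.get("recipient", "")
    if key not in ALLOWED_RECIPIENTS:
        raise RejectedInput("unknown recipient key")
    body = form.get("message", "")
    if len(body) > MAX_BODY:
        raise RejectedInput("message too long")
    subject = clean_header(form.get("subject", ""), MAX_SUBJECT)
    reply = clean_header(form.get("email", ""), MAX_ADDRESS)

    msg = EmailMessage()
    msg["To"] = ALLOWED_RECIPIENTS[key]
    msg["From"] = "webform@example.org"  # fixed sender, constructed
    msg["Subject"] = subject
    # The visitor's address is reported in the body, not placed in a header.
    msg.set_content(f"Reply address given: {reply}\n\n{body}")
    return msg
```
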
