[Nottingham] forums.planetnottslug.org
Michael Erskine
msemtd at yahoo.co.uk
Wed Oct 26 13:21:47 BST 2005
On Wednesday 26 October 2005 13:01, Graeme Fowler wrote:
> However, having your webserver/site defaced or compromised is not.
> phpBB is a widely-used moving target in terms of passthru/sql
> injection/arbitrary code execution holes, so please ensure that it is
> kept up to date. Anyone with admin access to the site or server should
> ideally make sure you get subscribed to the relevant "announce" lists
> at the very least, and keep on top of updates.
>
> It's a very short time from exploit announcement (and corresponding
> patch release, normally) to site defacement, in my experience.
I assume that if our potential host a smart cookie, he'll be on top of the
security issue. Sometime I watch the apache logs on my webserver as masses of
exploit attempts roll by. Sometimes I report abusers to their ISPs - but
life's too short. I'm familiar with the code for the active parts of my own
servers (all Perl of course!) and I'm happy with its security for the most
part. I recommend that other server admins avoid blind acceptance of their
systems and get involved in the development of the features that they use.
> Graeme (speaking with his abuse handling hat on)
One of those hats would go well with this abuse attracting jacket I wear.
Regards,
Michael Erskine
--
Never play pool with anyone named "Fats".
___________________________________________________________
Yahoo! Messenger - NEW crystal clear PC to PC calling worldwide with voicemail http://uk.messenger.yahoo.com
More information about the Nottingham
mailing list