httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sander Holthaus - Orange XL" <i...@orangexl.com>
Subject Re: [users@httpd] [OT] Top 20 Security [Apache ?]
Date Fri, 04 Oct 2002 11:02:31 GMT
I wrote my own script to do this, and block the ip's-domains and in severe
cases the entire IP-block. But I'm still waiting for a few bugs in Apache to
be resolved before I can use it. (actually I could in 2.0.42, if there was
not a new bug in it)

But, if all administrators would do there work properly, it wouldn't be
neccesary.

----- Original Message -----
From: "J. Greenlees" <jaqui@shaw.ca>
To: <users@httpd.apache.org>
Sent: Friday, October 04, 2002 2:31 AM
Subject: Re: [users@httpd] [OT] Top 20 Security [Apache ?]


> if said administrators also went over the logs andtracked down the isp's
> for the servers infected with server based virus, then reported to the
> isp in question there would be a lot less of them out there.
> I did with my own isp, since a significant number of thier ip's are
> infected, they are getting on the cases of the admins responsible.
>
> also, reporting hacking attempts to the isp for the hacker will stop
> that from happening, since the isp will close account on them. ( someone
> tried to hack my wife's computer, the apache log showed it nicely. only
> took 24 hours for the isp to shut the person down. )
>
>
>
> Sander Holthaus - Orange XL wrote:
>
> >I think they are right. There are still vast numbers of vulnerable Apache
> >installations out there. If you look at the list closely however, you'll
see
> >that it is not so much the software that unsafe (except for the Windows
list
> >of course), but administrators just don't update frequently. If they did,
> >and configured their machines properly, thie world would be a better
place.
> >And it would be paradise if programmers coded properly. But most people
are
> >just plain lazy I afraid.
> >
> >----- Original Message -----
> >From: "JONES, WILLIAM C" <WCJONES@fccj.edu>
> >To: <users@httpd.apache.org>
> >Sent: Friday, October 04, 2002 1:53 AM
> >Subject: [users@httpd] [OT] Top 20 Security [Apache ?]
> >
> >
> >>[OT]
> >>See  -
> >>
> >>http://www.sans.org/top20/#index
> >>
> >>
> >>
> >>I think placing Apache on the top 20 hit list is somewhat outrageous...
> >>
> >>
> >>my $cents = 2;
> >>-Sx-
> >>
>
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message