httpd-users mailing list archives

From Chris Zakelj
Subject Re: [users@httpd] Re: attacks
Date Sat, 18 Sep 2004 04:10:37 GMT
Well, if you're running Linux or any of the BSD family, you don't have 
to worry about these particular attacks, other than the possibility of 
/var being filled by all the cruft that ends up in your logs because of 
them.  That would result in a potential DoS situation depending on your 
configuration.  Things are less certain if you are running Windows. 
Though Apache itself isn't directly vulnerable the same way IIS is, 
security bugs may exist which could allow remote access, and since we 
all know how secure Windows is.....

I strongly suggest using some sort of firewall between the internet at 
large and your servers (I like OpenBSD+pf the best, but other options 
exist), and making sure you keep up with security updates (the bugtraq 
and securityfocus lists help immensely).  Besides that, read and learn 
as much as you can.  Have a couple of boxes at home you can practice on, 
screw around with, and not panic if/when you break them.  There will 
*always* be someone attempting to gain access to your system.  Your job 
is to make it harder to get in (mostly through firewalls, not running 
unneeded services, and writing safe code), limiting damage should they 
succeed (chroot jails, root/su/admin forbidden except from console, 
write permission denial, etc), and ALWAYS HAVING BACKUPS.

Eugene wrote:

>Hello Chris, thanks for the reply! In this case nothing has happened, but tell
>me, are these guys just idiots or does this pose some danger for me? I'm
>worrying because one day before somebody tried to hack a site
>engine written by me - this site is used by one important government
>organization so I don't think it's just coincidence - two days from the
>same IPs. What more can I expect? I'm not a corporation, I'm an
>individual living from small contracts, so I need to know how to
>defend myself. Should I reconfigure the server to be prepared for
>something more? If yes - I don't have any idea how to do this. It's
>never happened before with the same frequency as in these two days.
>BTW, I have more sh*t like this now of any kind.
