Why not just get the new version of webalizer at ftp://ftp.mrunix.net/pub/webalizer/webalizer-2.01-10-src.tgz and upgrade? Its dead simple to install.
Or use awstats, which I feel has much more relevant statistics, and is laid out in a much better manner. Siggy ----- Original Message ----- From: "Jonothon Ortiz" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, April 19, 2002 1:58 AM Subject: [cobalt-developers] URGENT: Webalizer 2.01-09 / 2.01-06 Vulnerability > http://www.securiteam.com/securitynews/5VP0B1P6UY.html > > If you don't know if this affects you, look at your stats and see if Agents > by Country is reporting anything other than "100% Unknown/Unresolved" - if > it does then your webalizer is vulnerable via rDNS. > > Quick Fix: > > Unfortunately, the only way to prevent this until the latest release is out > for Cobalt users is to edit the /etc/httpd/conf/httpd.conf file. Open it up > and locate the line that says > > HostnameLookups on > > Comment this line out and add one for "off" > > #HostnameLookups on > HostnameLookups off > > That should do it. Unfortunately, your clients will be unable to generate by > country stats until it's resolved so you will probably want to contact your > clients before doing it. It's only been a day since it was released so let's > see what happens; I'm sure the pkgmaster.com folks will update webalizer as > soon as webalizer itself updates to fix this problem. > > Jonothon Ortiz > Vice President > Xnext, Inc. > Ph: 863.298.9698 > or 888.84.XNEXT > http://www.Xnext.com > mailto:[EMAIL PROTECTED] > > _______________________________________________ > cobalt-developers mailing list > [EMAIL PROTECTED] > http://list.cobalt.com/mailman/listinfo/cobalt-developers > _______________________________________________ cobalt-developers mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-developers
