Here's an 'abridged' version of the message I sent (since the 'list' doesn't
accept anything over 40k), without the 'attachment'...
----- Original Message -----
From: "Steve Brazill" <[EMAIL PROTECTED]>
To: "Mark S Russell" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Thursday, July 19, 2001 10:47 AM
Subject: Re: [PHP-INST] Install Trouble on RedHat 6.2 & Apache 1.13.14
> Since your 'title' at the bottom of the Email you sent, said that you're a
> "Sysadmin", I'll assume that you should know most of this already...
>
> You should first upgrade your version of Apache (and probably what you're
> using for PHP and mod_perl). The current versions are apache-1.3.20,
> php-4.0.6, mod_perl-1.25, mysql-3.23.39.
>
> I would remove ALL the RPMs for Apache, PHP, etc, and use the 'source'
> method of configuring and installing the packages... (don't just start
> copying individual files all over the place)
>
> I'm attaching my 'webdocs' which outline how I build a RedHat 6.2 system
> that includes (among other things) instructions on how to install MySQL,
> Apache, Mod_Perl, and PHP. You should at least read thru it, and note
that
> the 'order' of the installation is important !!! (the caviate of my
method,
> is that the 'DSO' option for Apache is configured during the installation
of
> "mod_ssl", which if you can figure it out, can be done elsewhere...).
>
> Besides using an 'insecure' version of Apache, you have a lot of other
> security issues with your system(s)...
>
> It's nice that you're Email server let's me 'verify' addresses to see if
> they actually exist on your system (spammers love this stuff)...
>
> 250 root <[EMAIL PROTECTED]>
> VRFY mrussell
> 250 <[EMAIL PROTECTED]>
> VRFY mysql
> 250 MySQL server <[EMAIL PROTECTED]>
>
> You might want to get rid of some of the ports you have 'exposed' to the
> outside world as well (before you get 'hacked'):
>
> Port State Service
> 21/tcp open ftp
> 23/tcp open telnet
> 25/tcp open smtp
> 79/tcp open finger
> 80/tcp open http
> 98/tcp open linuxconf
> 110/tcp open pop-3
> 111/tcp open sunrpc
> 513/tcp open login
> 514/tcp open shell
>
> Read my 'webdocs' on how to install SSH, and use it instead of "ftp,
> telnet, login, shell" for access to the system from both 'outside' as well
> as 'inside'.... (set the "allowhosts" variable in the "sshd_config" file
to
> only IP addresses or subnets YOU would come in from). You might ask your
> ISP (or 'colo' person) for help, since it appears that the other sites
> sitting next to yours, i.e. .phconsulting.com, are already setup with it).
> Don't use the excuse "people who need to connect to the system from the
> outside don't have and SSH client...". You can get a great FREE one
from:
> http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
>
> Once you're all done, I'll let you know how to 'hide' all the versions of
> your software your 'advertising' to the outside 'hacker' world... (for
now,
> I want to watch to see if your "www" site keeps the 'exploitable' version
of
> Apache online...)
>
> ----- Original Message -----
> From: "Mark S Russell" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Thursday, July 19, 2001 7:35 AM
> Subject: [PHP-INST] Install Trouble on RedHat 6.2 & Apache 1.13.14
>
>
> > Hello.
> > I'm a newbie to PHP. I don't seem to have any of the PHP Modules (other
> than
> > libphp4.so).. Is there any way to download the modules listed below?
> > mod_php.so
> > libphp3.so
> > libperl.so <-- Which I would think that I should have but don't.. odd..
I
> > did the RPM install
> > mod_php.c
> > mod_php3.c
> > mod_perl.c
> >
> >
> > As always if you have any questions please feel free to contact me.
> >
> > Mark S Russell
> > Sysadmin, Index Page ltd.
> > http://www.indexpage.net/
> > Ph 716 743 1001
> > Fx 716 743 9608
> > Email [EMAIL PROTECTED]
--
PHP Install Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
