Sloan wrote:
Aaron Kulkis wrote:
If, say, apache has a flaw that allows a shell to be forked off, and
apache is running as root, then there you go: root shell.
I'm certain that suse has never shipped a distro where apache runs as root.
Not by default, but that doesn't mean much.
Try this:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
The Wednesday 2008-01-23 at 21:16 -0500, Aaron Kulkis wrote:
I'm certain that suse has never shipped a distro where apache runs as
root.
Not by default, but that doesn't mean much.
Try this:
$ su
password
# /etc/init.d/apache start
As it
Carlos E. R. wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
The Wednesday 2008-01-23 at 21:16 -0500, Aaron Kulkis wrote:
I'm certain that suse has never shipped a distro where apache runs as
root.
Not by default, but that doesn't mean much.
Try this:
$ su
password
#
Aaron Kulkis wrote:
Sloan wrote:
Aaron Kulkis wrote:
If, say, apache has a flaw that allows a shell to be forked off, and
apache is running as root, then there you go: root shell.
I'm certain that suse has never shipped a distro where apache runs as
root.
Not by default, but that doesn't
James Knott wrote:
David Bolt wrote:
On Mon, 21 Jan 2008, James Knott wrote:-
snip
Anti-virus software is generally not necessary with Linux, unless it's
being used as a mail or file server in a Windows network. AFIK,
there's never been a viable Linux virus.
That depends on whether you
James Knott wrote:
Carlos E. R. wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
The Monday 2008-01-21 at 20:41 -0800, Joe Sloan wrote:
David Bolt wrote:
The reason being
that if a worm is able to install on the server using root privileges,
there's no way to know just what else has
James Knott wrote:
David Bolt wrote:
On Mon, 21 Jan 2008, Joe Sloan wrote:-
snip
Yes, I remember dealing with some similar worms on linux servers - the
difference being, if a linux system gets a worm, you install the
security upgrade from the vendor, clean up the files left behind by the
Aaron Kulkis wrote:
James Knott wrote:
David Bolt wrote:
On Mon, 21 Jan 2008, James Knott wrote:-
snip
Anti-virus software is generally not necessary with Linux, unless it's
being used as a mail or file server in a Windows network. AFIK,
there's never been a viable Linux virus.
That
Aaron Kulkis wrote:
Webmasters who recently migrated from Lose-DOS and new to
Linux oftentimes wouldn't even realize that such a thing
could be done.
let alone
A little competence goes a long way.
--
Use OpenOffice.org http://www.openoffice.org
--
To unsubscribe, e-mail: [EMAIL
James Knott wrote:
Aaron Kulkis wrote:
James Knott wrote:
David Bolt wrote:
On Mon, 21 Jan 2008, James Knott wrote:-
snip
Anti-virus software is generally not necessary with Linux, unless it's
being used as a mail or file server in a Windows network. AFIK,
there's never been a viable
Aaron Kulkis wrote:
If, say, apache has a flaw that allows a shell to be forked off, and
apache is running as root, then there you go: root shell.
I'm certain that suse has never shipped a distro where apache runs as root.
Joe
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional
David Bolt wrote:
On Mon, 21 Jan 2008, James Knott wrote:-
snip
Anti-virus software is generally not necessary with Linux, unless it's
being used as a mail or file server in a Windows network. AFIK,
there's never been a viable Linux virus.
That depends on whether you include worms and
David Bolt wrote:
On Mon, 21 Jan 2008, Joe Sloan wrote:-
snip
Yes, I remember dealing with some similar worms on linux servers - the
difference being, if a linux system gets a worm, you install the
security upgrade from the vendor, clean up the files left behind by the
worm (which will
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
The Monday 2008-01-21 at 20:41 -0800, Joe Sloan wrote:
David Bolt wrote:
The reason being
that if a worm is able to install on the server using root privileges,
there's no way to know just what else has been installed by it without
performing
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
The Monday 2008-01-21 at 20:10 -0600, JB2 wrote:
And concerning virii
FYI, there's no such word as 'virii'. Multiple for virus is...viruses.
Wrong!
http://en.wiktionary.org/wiki/virii
:-P
Yep, it is incorrect, but it exists.
Carlos E. R. wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
The Monday 2008-01-21 at 20:41 -0800, Joe Sloan wrote:
David Bolt wrote:
The reason being
that if a worm is able to install on the server using root privileges,
there's no way to know just what else has been installed by
Carlos E. R. wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
The Monday 2008-01-21 at 20:10 -0600, JB2 wrote:
And concerning virii
FYI, there's no such word as 'virii'. Multiple for virus is...viruses.
Wrong!
http://en.wiktionary.org/wiki/virii
:-P
Yep, it is incorrect, but it
Carlos E. R. wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
The Monday 2008-01-21 at 20:10 -0600, JB2 wrote:
And concerning virii
FYI, there's no such word as 'virii'. Multiple for virus is...viruses.
Wrong!
http://en.wiktionary.org/wiki/virii
:-P
Yep, it is
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
The Tuesday 2008-01-22 at 13:57 -0800, James D. Parra wrote:
http://en.wikipedia.org/wiki/Plural_of_virus
You cannot rely on Wikipedia for accuracy. Try a dictionary instead.
If you had read the article you'd have seen that it quite is
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
The Tuesday 2008-01-22 at 16:23 -0500, James Knott wrote:
Because David wrote, in the email you quoted:
] The commands were executed by a root shell and was used to download
the ] loader script,
I was thinking, at first glance, the same,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
The Tuesday 2008-01-22 at 16:24 -0500, James Knott wrote:
The Monday 2008-01-21 at 20:10 -0600, JB2 wrote:
And concerning virii
FYI, there's no such word as 'virii'. Multiple for virus is...viruses.
Wrong!
On Tue, 22 Jan 2008, James Knott wrote:-
David Bolt wrote:
I'd apply the same logic to a Linux server as well. The reason being
that if a worm is able to install on the server using root privileges,
there's no way to know just what else has been installed by it without
performing some form
On Tue, 22 Jan 2008, James Knott wrote:-
snip
Assuming you're running as a mere mortal and not root, how does it
start a root shell?
It wouldn't as a mere mortal. However, the exploit was one affecting
Apache and PHP, and allowed for the server to be compromised. Once it's
able to gain a toe
On Mon, 21 Jan 2008, Joe Sloan wrote:-
David Bolt wrote:
Snip
It's not a matter of blind trust, but of close examination of the worms
behavior. Once the hole was closed and the remains of the worm removed,
that was the end of it. No more mysterious traffic, no more odd spikes
in system load, no
David Bolt wrote:
On Mon, 21 Jan 2008, Joe Sloan wrote:-
David Bolt wrote:
Snip
It's not a matter of blind trust, but of close examination of the worms
behavior. Once the hole was closed and the remains of the worm removed,
that was the end of it. No more mysterious traffic,
I was trying to get AVG anti virus installed and try it on Suse as I was
used to it on the left behind windows (Vista was it! No more
microsoft!). One had to download a tarball to go with it or it wouldn't
work. Don't ask what the name of the tarball. That was in the Fedora
distro I tried for
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Joe Sloan schrieb:
| John B Pace wrote:
| You are dealing with an older dummy here, but too old! I'm wanting to
| know if there is a way to install tarballs properly in Suse. To an
| extent each version of linux I have tried are different, but in
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
The Monday 2008-01-21 at 07:18 -0500, John B Pace wrote:
I was trying to get AVG anti virus installed and try it on Suse as I was
That would be a binary. You have to read their instructions, then.
This brings up another question. Does Suse
Thanks again, Joe and Peter and I think there's another fellow named
Steve. I appreciate it and now that I know how to do them, I probably
won't have to--which is fine by me. There's better things to be doing!
Like checking out security issues on Suse next!
John
On Mon, 2008-01-21 at 13:22 +0100,
John B Pace wrote:
I was trying to get AVG anti virus installed and try it on Suse as I was
used to it on the left behind windows (Vista was it! No more
microsoft!). One had to download a tarball to go with it or it wouldn't
work. Don't ask what the name of the tarball. That was in the Fedora
On Mon, 2008-01-21 at 07:18 -0500, John B Pace wrote:
I was trying to get AVG anti virus installed and try it on Suse as I was
used to it on the left behind windows (Vista was it! No more
microsoft!). One had to download a tarball to go with it or it wouldn't
work.
Hi Joe,
afaik, avira is
John B Pace wrote:
I was trying to get AVG anti virus installed and try it on Suse as I was
used to it on the left behind windows (Vista was it! No more
microsoft!).
Don't bother.
AVG for Linux is not meant to protect your Linux machine.
It's meant for mail servers which deliver mail read by
On Mon 21 January 08 11:49, Hans Witvliet wrote:
On Mon, 2008-01-21 at 07:18 -0500, John B Pace wrote:
I was trying to get AVG anti virus installed and try it on Suse as I was
used to it on the left behind windows (Vista was it! No more
microsoft!). One had to download a tarball to go with
On Mon, 21 Jan 2008, James Knott wrote:-
snip
Anti-virus software is generally not necessary with Linux, unless it's
being used as a mail or file server in a Windows network. AFIK,
there's never been a viable Linux virus.
That depends on whether you include worms and trojans under the
David Bolt wrote:
That depends on whether you include worms and trojans under the
definition of a virus. If so, there have been Linux viruses in the wild.
I still have a copy of a loader script and the IRC bot[0] that was
installed by it, grabbed from an infected server just over 2 years
On Mon, 21 Jan 2008, Joe Sloan wrote:-
snip
Yes, I remember dealing with some similar worms on linux servers - the
difference being, if a linux system gets a worm, you install the
security upgrade from the vendor, clean up the files left behind by the
worm (which will typically be found only in
David Bolt wrote:
On Mon, 21 Jan 2008, Joe Sloan wrote:-
snip
Yes, I remember dealing with some similar worms on linux servers - the
difference being, if a linux system gets a worm, you install the
security upgrade from the vendor, clean up the files left behind by the
worm (which will
John B Pace wrote:
You are dealing with an older dummy here, but too old! I'm wanting to
know if there is a way to install tarballs properly in Suse. To an
extent each version of linux I have tried are different, but in each I
have found it impossible to install a tarball.Thanks! John
John B Pace wrote:
You are dealing with an older dummy here, but too old! I'm wanting to
know if there is a way to install tarballs properly in Suse. To an
extent each version of linux I have tried are different, but in each I
have found it impossible to install a tarball.Thanks! John
You are dealing with an older dummy here, but too old! I'm wanting to
know if there is a way to install tarballs properly in Suse. To an
extent each version of linux I have tried are different, but in each I
have found it impossible to install a tarball.Thanks! John
--
To unsubscribe,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Joe Sloan wrote:
| John B Pace wrote:
| You are dealing with an older dummy here, but too old! I'm wanting to
| know if there is a way to install tarballs properly in Suse. To an
| extent each version of linux I have tried are different, but in each
41 matches
Mail list logo