Attacks in Apache servers

2013-05-02 Thread M Eashwar
Hi, Anyone attacked with reference to below URL? http://efytimes.com/e1/fullnews.asp?edid=105167ntype=moredate=4/29/2013

Re: Attacks in Apache servers

2013-05-02 Thread André Warnier
M Eashwar wrote: Hi, Anyone attacked with reference to below URL? http://efytimes.com/e1/fullnews.asp?edid=105167ntype=moredate=4/29/2013 Never heard of EFYtimes before, but considering what I have been reading lately about bots, I would advise a modicum of caution before following this

Re: Attacks in Apache servers

2013-05-02 Thread Brian Burch
On 02/05/13 09:32, André Warnier wrote: M Eashwar wrote: Hi, Anyone attacked with reference to below URL? http://efytimes.com/e1/fullnews.asp?edid=105167ntype=moredate=4/29/2013 Never heard of EFYtimes before, but considering what I have been reading lately about bots, I would advise a

Re: Attacks in Apache servers

2013-05-02 Thread Darryl Lewis
Last Friday (April 26), ESET and Sucuri simultaneously blogged about the discovery of Linux/Cdorked, a backdoor impacting Apache servers running cPanel. -http://blogs.cisco.com/security/linuxcdorked-faqs/ So it looks like an cPanel application vulnerability, not an Apache vulnerability. The title

Re: Attacks in Apache servers

2013-05-02 Thread Jess Holle
http://blogs.cisco.com/security/linuxcdorked-faqs/ claims this is not a cPanel vulnerability per se... On 5/2/2013 6:22 AM, Darryl Lewis wrote: Last Friday (April 26), ESET and Sucuri simultaneously blogged about the discovery of Linux/Cdorked, a backdoor impacting Apache servers running

Re: Attacks in Apache servers

2013-05-02 Thread Mark Thomas
On 02/05/2013 12:29, Jess Holle wrote: http://blogs.cisco.com/security/linuxcdorked-faqs/ claims this is not a cPanel vulnerability per se... To quote the relevant part of that article: quote How are attackers gaining access to the host servers? How the attackers are gaining root access to

Re: Attacks in Apache servers

2013-05-02 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mark, On 5/2/13 7:42 AM, Mark Thomas wrote: On 02/05/2013 12:29, Jess Holle wrote: http://blogs.cisco.com/security/linuxcdorked-faqs/ claims this is not a cPanel vulnerability per se... To quote the relevant part of that article: quote How

Re: tomcat apr openssl logging

2013-05-02 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Jeremy, On 4/30/13 5:23 PM, Christopher Schultz wrote: Jeremy, On 4/30/13 1:47 PM, Jeremy Bowers wrote: How do I go about setting up server side logging to gain more detailed information about ssl connections when using tomcat with apache

Re: Attacks in Apache servers

2013-05-02 Thread David N. Smith
Didn't you know that 'rm' was vulnerable on Linux?!?! An attacker with escalated privileges can -- through clever use of this misunderstood command with code so complicated, that this enormous vulnerability went unnoticed for decades -- wreak havoc on any Linux system connected to the

RE: Multiple tomcat containers or instance on same servers

2013-05-02 Thread Oke Akinola swisstopo
I eventually installed version 6.0.36 7.0.29 as the highest supported version by the concerned applications respectively. I used the installer and both applications seen to be running fine. Though still testing, but would like to be rest assured of this 2 version decision before going into