Archive of UserLand's first discussion group, started October 5, 1998.
Re: Walking around amsterdam
Author: Eric Soroos Posted: 5/14/2000; 4:15:09 PM Topic: Walking around amsterdam Msg #: 17300 (In response to 17298) Prev/Next: 17299 / 17301
As I understand it, the recent hacking of apache.org was due to a default install that had a door open.That's not quite accurate.
The hack came due to a combination of world writable ftp directories that were in the web server tree and a not secure installation of Bugzilla (a set of perl scripts for tracking bugs that interface with MySql). Bugzilla is apparently difficult to install securely, and as a consequence, MySql was running as root.
The hack vector was (roughly) ftp -> web directory -> php file -> mysql (running as root) -> hacked.
In default red hat installations, there are no world writable ftp directories, and bugzilla and mysql aren't even installed.
eric
ps, the attack explanation is here: From http://www.dataloss.net/papers/how.defaced.apache.org.txt
There are responses to this message:
- Re: Walking around amsterdam, Jason Levine, 5/14/2000; 6:26:36 PM
- Re: Walking around amsterdam, Paul Snively, 5/16/2000; 12:01:41 AM
This page was archived on 6/13/2001; 4:55:12 PM.
© Copyright 1998-2001 UserLand Software, Inc.