* RE: [gentoo-user] OT - Some miscellanous questions about hack attacks and dealing with them
@ 2007-02-23 10:08 99% ` Nelson, David (ED, PAR&D)
0 siblings, 0 replies; 1+ results
From: Nelson, David (ED, PAR&D) @ 2007-02-23 10:08 UTC (permalink / raw
To: gentoo-user
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1: Type: text/plain; charset="UTF-8", Size: 1507 bytes --]
> -----Original Message-----
> From: Alan McKinnon [mailto:alan@linuxholdings.co.za]
> Sent: 23 February 2007 07:17
> To: gentoo-user@lists.gentoo.org
> Subject: Re: [gentoo-user] OT - Some miscellanous questions about hack
> attacks and dealing with them
>
>
> The problem is that php enables every kid and his dog to put an
> interactive site up on the net. So, every kid and his dog
> does. All the
> while making coding mistakes that open holes. Forum software seems
> especially prone.
>
> Apache and php_mod themselves are as safe as is reasonable,
> at least I
> haven't seen many weaknesses reported on those two packages.
> To know if
> you should be taking extra security precautions, watch for security
> advisories about the php apps you have running
>
Forgive my ignorance if I'm incorrect - but I was told at one point by a friend who runs a few servers and sites that if an app wont run in PHP Safe Mode then he wont run it at all.
http://us2.php.net/features.safe-mode
I'm not a PHP expert by any means so I can't definitively say "use safe mode" but if people are looking to lock down a server it may be worth a peek.
OT: Also, my name is "David Nelson" not "Nelson David". Don't blame me - it's a work email account and they have our names Surname, Forename all over the place. :P I've just seen people refer to me as "Nelson" sometimes ... ;-)
--
djn
I do not represent anyone else in emails I send to this list.
éí¢¬z¸\x1eÚ(¢¸&j)b b²
^ permalink raw reply [relevance 99%]
Results 1-1 of 1 | reverse | options above
-- pct% links below jump to the message on this page, permalinks otherwise --
2007-02-23 7:17 [gentoo-user] OT - Some miscellanous questions about hack attacks and dealing with them Alan McKinnon
2007-02-23 10:08 99% ` Nelson, David (ED, PAR&D)
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox