[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

[LUG] Linux Security and apache

To: list@xxxxxxxxxxxxx
Subject: [LUG] Linux Security and apache
From: Tom Brough <tombrough@xxxxxxxxxxxxxxxx>
Date: Mon, 26 Dec 2005 19:46:49 +0000

Friday was bad day for me. For the first time my confidence in Linux hasbeen smashed. Not only was apache compromised (possibly because it wasversion 2.0.40, and couldnt be patched (easily) because of our wonderfulproxy config that requires lan man hashes for authentication ). Howeverwhat really nocked me for six was the fact that once they hadcompromised apache, they installed a root kit somehow.

I was under the false impression that because of the way linux kernelwas designed that only the user (in this case apache) running theapplication could be compromised and not the whole "system".

Certain key utilities (ls, ifconfig, pstree to name a few) and a libraryfile or two have clearly been altered and "hidden" to stop me erasing /replacing them as root user.

So my question is what makes Linux more secure that Windows ? I thoughtI knew the answer up until Friday, but clearly there are ways of jumpingfrom "joe public" user to root privileges in linux.


Tom.

who is depressed because this could set back free software takeup in hiswork place :-(


--
The Mailing List for the Devon & Cornwall LUG
Mail majordomo@xxxxxxxxxxxxx with "unsubscribe list" in the
message body to unsubscribe. FAQ: www.dcglug.org.uk/linux_adm/list-faq.html

Follow-up: Re: [LUG] Linux Security and apache
- From: Simon Waters
Follow-up: Re: [LUG] Linux Security and apache
- From: James Wonnacott

Prev by Date: [LUG] suse10 nvidia driver
Next by Date: Re: [LUG] suse10 nvidia driver
Previous by thread: Re: [LUG] suse10 nvidia driver
Next by thread: Re: [LUG] Linux Security and apache
Index(es):
- Date
- Thread