Re: [OCLUG-Tech] More: Yes, this is this a known exploit!

Subject: Re: [OCLUG-Tech] More: Yes, this is this a known exploit!
From: "Michael P. Soulier" <msoulier [ at ] digitaltorque [ dot ] ca>
Date: Fri, 3 Oct 2008 17:50:08 -0400

On 03/10/08 Alex H. Vandenham said:

> OK, it's an irc bot that got on my system in some way - probably (?) a php 
> exploit.  If anyone knows what I have to do to tighten up php to prevent file 
> uploads from inserted urls - help much appreciated!
> 
> After deleting the bot files in /tmp the tcp traffic to ports 6660-7000 is 
> gone after a system restart.   A full upgrade and re-install appears to be in 
> my future . . . 

Stop using PHP. No, seriously. It has a horrid security record.

Mike

Attachment: pgpfY1ySUZIay.pgp
Description: PGP signature

references

[OCLUG-Tech] More: Yes, this is this a known exploit!, Alex H. Vandenham

message navigation

previous by date: [OCLUG-Tech] More: Yes, this is this a known exploit!
next by date: Re: [OCLUG-Tech] is this a known exploit?
previous by thread: [OCLUG-Tech] More: Yes, this is this a known exploit!
next by thread: [OCLUG-Tech] Re: Linux users in St.John's