[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] Problems(Nasty Raq Hack + OpenSSL + Htaccess) = Bad_Weekend
- Subject: Re: [cobalt-users] Problems(Nasty Raq Hack + OpenSSL + Htaccess) = Bad_Weekend
- From: "Achieve Website Design" <info@xxxxxxxxxxxxxx>
- Date: Fri Jan 24 10:42:01 2003
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
----- Original Message -----
From: Curtis Ross <Curtis_Ross@xxxxxx>
To: <cobalt-users@xxxxxxxxxxxxxxx>
Sent: Friday, January 24, 2003 3:24 PM
Subject: RE: [cobalt-users] Problems(Nasty Raq Hack + OpenSSL + Htaccess) =
Bad_Weekend
> > Hi all
> >
> > Dont know where the rest of you are with this but we are
> > still struggling.
> >
> > I have set the quick fix on the authenticate file but this is causing
> > problems with the .htaccess files.
> > Dont know what path of action to take about this?
> > I know the options, make passwds and shadow readable but is this safe?
> >
> > We have not upgraded OpenSSL as I feel it is a bit out of my
> > sphere of
> > knowledge to do this on live servers? Can we pay or get a
> > package for this
> > and all the associated symlinks etc that needs to be done.
> >
> > I would really appreciate any help or oppinions people can
> > give me on this
> > matter.
> >
> > Thanks
> > Marcus
>
> Marcus,
> To this date I still have not seen any 'new' exploit or hack released or
comfirmed by anyone. I however do not belong to ever security list out there
either. As it sit all my boxes are patched with the standard Cobalt
offerings and some 3rd party security software. I plan to sit on the fence.
>
> Regards,
> Curtis
> ------------------------------ IMPORTANT NOTICE - AVIS
IMPORTANT ------------------------------
>
> Computer viruses can be transmitted via email. Recipient should check this
email and any attachments for the presence of viruses. Sender and sender
company accept no liability for any damage caused by any virus transmitted
by this email.
>
> This email transmission and any accompanying attachments contain
confidential information intended only for the use of the individual or
entity named above. Any dissemination, distribution, copying or action
taken in reliance on the contents of this email by anyone other than the
intended recipient is strictly prohibited. If you have received this email
in error please immediately delete it and notify sender at the above email
address.
>
>
> Le courrier électronique peut être porteur de virus informatiques. Le
destinataire doit donc passer le présent courriel et les pièces qui y sont
jointes au détecteur de virus. L'expéditeur et son employeur déclinent
toute responsabilité pour les dommages causés par un virus contenu dans le
courriel.
>
> Le présent message et les pièces qui y sont jointes contiennent des
renseignements confidentiels destinés uniquement à la personne ou à
l'organisme nommé ci-dessus. Toute diffusion, distribution, reproduction ou
utilisation comme référence du contenu du message par une autre personne que
le destinataire est formellement interdite. Si vous avez reçu ce courriel
par erreur, veuillez le détruire immédiatement et en informer l'expéditeur à
l'adresse ci-dessus.
>
> ------------------------------ IMPORTANT NOTICE - AVIS
IMPORTANT ------------------------------
>
>
>
>
>
Hmmm, I hadn't thought to check htaccess after chmod 755 the authenticate
file . Now that I have I note that it is not working. What was the original
permission?
Regards,
Declan.