[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Advice needed, trying to find the vulnerable code on Debian webserver.

Look at installing mod_security, http://modsecurity.org

Install some rules for it to harden your webserver, see if anything is flagged in the security log.

Ross Tsolakidis wrote:

"Wipe, install, set up chkrootkit and run it often." I've already done that. There was no rootkit.

"How does phpnuke compromise apache if apache is set up correctly?"
I believe it's some of the modules available and running php with 'safe
mode off'.

I need to find the vulnerable code on this box.  And I have no idea
where to begin.
I've tried running virus scans, nothing is infected.


Reply to: