[sf-lug] ebay security analysis: phishers targeting linux (fwd)

[Rick Moen]

Quoting Kristian Erik Hermansen (kristian.hermansen at gmail.com):

> PHP/Post-nuke are very commonly exploited.  

Indeed.

The president of EBLUG (Fremont) recently asked my advice on this
matter, since their PHP-Nuke site has recently gotten cracked (again).
I was uncertain of PHP-Nuke's site requirements, that not being my
cuppa, but I suggested as a first step seeing what happens if he
tightens down php.ini, as per "PHP" on http://linuxmafia.com/kb/Security .

Some developed PHP codebases will break when you disable some of the
more insane defaults in php.ini:  That's the proximate result of many
distros shipping a default php.ini with strong warning comments (never
read by most people) that these settings are intended for development
use _only_, and should never be exposed to public networks.  

Once the developed apps' maintainers come to expect those settings, they
tend to become app requirements.