[sf-lug] ebay security analysis: phishers targeting linux (fwd)
rick at linuxmafia.com
Fri Oct 12 00:17:58 PDT 2007
Quoting Kristian Erik Hermansen (kristian.hermansen at gmail.com):
> PHP/Post-nuke are very commonly exploited.
The president of EBLUG (Fremont) recently asked my advice on this
matter, since their PHP-Nuke site has recently gotten cracked (again).
I was uncertain of PHP-Nuke's site requirements, that not being my
cuppa, but I suggested as a first step seeing what happens if he
tightens down php.ini, as per "PHP" on http://linuxmafia.com/kb/Security .
Some developed PHP codebases will break when you disable some of the
more insane defaults in php.ini: That's the proximate result of many
distros shipping a default php.ini with strong warning comments (never
read by most people) that these settings are intended for development
use _only_, and should never be exposed to public networks.
Once the developed apps' maintainers come to expect those settings, they
tend to become app requirements.
More information about the sf-lug