Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Web-App-Sec
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Mambo, Coppermine and PHPBB Attacks

from [Yasuo Ohgaki] Network Security [Permanent Link]
Subject: Re: Mambo, Coppermine and PHPBB Attacks
Date: Mon, 26 Dec 2005 05:38:39 +0900 
Paul Laudanski wrote:

On Sun, 25 Dec 2005, Yasuo Ohgaki wrote:



It's great if this failsafe feature works as expected.
Nobody can guarantee newbie php programmer make such hole in an app.

These changes made allow_url_fopen=off useless.



Its not about a single solution being the silver bullet.  The only 
security is defense in depth.  You build secure code.  You filter input 
and output.  You configure php.ini properly.  You configure httpd.conf 
properly.  Install mod_security.  Install an IDS that filters for well 
known attacks against your server.  Install a reporting tool that monitors 
your logs.  Make sure your PHP reports warnings, errors, and fix them...

Point is... its only a step in the overall level of layered security.  The 
more tools you put up, as you require or can use but only you can 
determine that, the more an attacker has to get thru.



I agree.

But I don't insist nx bit support is useless. Failsafe feature would
be nice, especially if there are many programmers. If building secure
code is easy, there would be no buffer overflows in recent C/C++ programs.

Anyway, most php script do not need remote script execution feature.
And even with SELinux, it cannot prevent to execute remote code while
access to local file could be rejected and reported.

Making allow_url_fopen useless is bad thing. Remote code execution bug
is common pit hole for newbie php programmers.

-- 
Yasuo Ohgaki
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Mambo, Coppermine and PHPBB Attacks, Yasuo Ohgaki
Next by Date:  Re: Mambo, Coppermine and PHPBB Attacks, Paul Laudanski
Previous by Thread:  Re: Mambo, Coppermine and PHPBB Attacks, Paul Laudanski
Next by Thread:  Re: Mambo, Coppermine and PHPBB Attacks, Paul Laudanski
Indexes:  [Date] [Thread] [Top] [All Lists]