Security Check
Duane Attaway
dattaway at attaway.net
Fri Oct 4 11:11:27 CDT 2002
On Fri, 4 Oct 2002, Seth Dimbert wrote:
> I've recently added a server at home.
>
> I installed YDL onto an old Mac clone and got things working. I then
> registered with no-ip.com, a free domain redirection service. The Apache
> test page on my server can be seen at http://sdimbert.servehttp.com.
>
> I used port forwarding on my LinkSys Router/Switch to send requests to port
> 80 to the Linux Server. Would you guys please take a look and let me know
> how secure the setup is? I'm new at all this and I want to make sure that I
> haven't opened myself up to any security problems.
I tried two things. First I tried to open some ports. With the prybar
called nmap, I could only open port 80. Good so far.
So I telnetted to port 80. I found version 1.3.22 of Apache.
http://www.apacheweek.com/features/security-13
I found some interesting notes on the version you are running. It looks
like someone could throw a monkey wrench of weird http requests and make
your server emit weird noises and possibly write junk into any *.log file.
Interesting.
dattaway at satellite dattaway $ telnet sdimbert.servehttp.com 80
Trying 64.216.142.110...
Connected to sdimbert.servehttp.com.
Escape character is '^]'.
HEAD / HTTP/1.1
HTTP/1.1 400 Bad Request
Server: Apache/1.3.22 (Unix) (Linux) mod_ssl/2.8.5 OpenSSL/0.9.6b PHP/4.1.2 mod_perl/1.24_01
Connection: close
Content-Type: text/html; charset=iso-8859-1
Connection closed by foreign host.
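
Added example, not part of the original post: a short Python audit of the response captured in the telnet session above, listing every component whose version the Server banner gives away. The response text is copied from the session; the function names are hypothetical and chosen for this illustration.

```python
import re

# Response head copied from the telnet session above (wrapped Server line rejoined).
CAPTURED = (
    "HTTP/1.1 400 Bad Request\r\n"
    "Server: Apache/1.3.22 (Unix) (Linux) mod_ssl/2.8.5 OpenSSL/0.9.6b "
    "PHP/4.1.2 mod_perl/1.24_01\r\n"
    "Connection: close\r\n"
    "Content-Type: text/html; charset=iso-8859-1\r\n"
    "\r\n"
)

# Matches a "(comment)" or a "product[/version]" token in a Server header value.
TOKEN = re.compile(r"\(([^()]*)\)|([^\s()/]+)(?:/([^\s()]+))?")


def parse_response_head(raw):
    """Return (status_code, headers) from a raw HTTP response head."""
    lines = raw.split("\r\n\r\n", 1)[0].split("\r\n")
    status = int(lines[0].split(" ", 2)[1])
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return status, headers


def disclosed_components(server_value):
    """Split a Server header into (product, version) pairs and comments."""
    products, comments = [], []
    for comment, product, version in TOKEN.findall(server_value):
        if product:
            products.append((product, version or None))
        else:
            comments.append(comment)
    return products, comments


def audit(raw):
    """Report the status code and every product the banner names with a version."""
    status, headers = parse_response_head(raw)
    products, comments = disclosed_components(headers.get("server", ""))
    versioned = [(p, v) for p, v in products if v]
    return {"status": status, "versioned": versioned, "comments": comments}


if __name__ == "__main__":
    for product, version in audit(CAPTURED)["versioned"]:
        print(f"banner discloses {product} {version}")
```

Apache's ServerTokens directive controls how much of this string the server sends.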