[mod-security-users] writing of php file to webserver owned directory -- can mod-security prevent t
Brought to you by:
victorhora,
zimmerletw
From: John c. <co...@cc...> - 2007-12-02 16:01:04
|
Hi. I had an attack this morning where someone was able to execute lwp-download for a text file and then rename it to a php file and then he had some fun. The php file was called a.php and all the comments are in a different character set, maybe Eastern European. I have client-ip followed by the download command and in the next request by the mv command. These were in the audit.log part B of each request. Can mod-security prevent such a thing? Any assistance would be appreciated. -- Your life is like a penny. You're going to lose it. The question is: How do you spend it? John Covici co...@cc... |