[CentOS] Suggested way to remotely monitor servers and networks these days?
Big Wave Dave
bigwavedave at gmail.com
Thu May 24 01:05:09 UTC 2007
<snip>
> The problem is that leaving cacti open was the most stupid thing I've done.
> After checking /var/log/httpd/error_log, I saw that someone exploited a
> cacti php file and the result was:
<snip>
> which immediately downloaded ShellBOT to /tmp and executed it. It was a good
> thing I caught this as early as I did. So, what's everyone elses solution
> these days? Or is it simply a matter of creating a /tmp partition and
> mounting it noexec?
<snip>
Using htaccess in addition to the built-in Cacti auth might be
helpful. What version of Cacti were you running? Something like
mod_security might be helpful as well.
Dave
More information about the CentOS
mailing list