help i've been hacked. :(

Vipul Ramani linux2000in at gmail.com
Sat Aug 27 08:21:28 UTC 2005 

If u dont have any professional sniffer.. you can use Sniffit !!! it is one 
of best Open source sniffer..!


On 8/22/05, Eris Caffee <eris-redhat-list at eldalin.com> wrote:
> 
> > Eris Caffee <mailto:eris-redhat-list at eldalin.com>
> > on Sunday, August 21, 2005 8:21 AM said:
> >
> >> One other thing I would suggest would be that if you install cacti on
> >> the new server you should edit your httpd.conf and restrict access to
> >> it and it's subdirectories to add another layer of protection.
> >> Really, anything that isn't for the general public ought to be
> >> restricted, of course.
> >
> > That's a good idea.
> >
> > Does this mean that if someone tries to reach www.domain.com/cacti<http://www.domain.com/cacti>that
> > they will be denied access? Is based on IP address or rights based? What
> > about internal network users?
> 
> There are several ways to do it. You could use a .htaccess file in the
> cacti directory and set up passwords, but a simpler way to restrict access
> is to use the "Allow" directive in your http.conf file. Here's an
> example:
> 
> <Location /server-info>
> SetHandler server-info
> Order deny,allow
> Deny from all
> Allow from 192.168.0.1 <http://192.168.0.1>
> </Location>
> 
> This set of directives not only set the url
> http://sitename.com/server-info to provide information about the server,
> but it also restricts access to that url. Only someone running on a
> machine whose IP is 192.168.0.1 <http://192.168.0.1> will be allowed 
> access to the server-info
> page.
> 
> Of course, since IP addresses might be spoofed, it is even safer to use
> both this _and_ .htaccess paswords. The best security has many layers,
> each one of which has to be pierced individually.
> 
> Eris Caffee
> 
> 
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
> 



-- 
Vipul Ramani
linux2000in at gmail.com
linux2000in at yahoo.com
~~~~~We Know HOW NetWorkS ~~~~~

More information about the redhat-list mailing list