Security Portal: Weekly Linux Security Roundup - 2000/02/15 to 2000/02/21

"An interesting week, some more advisories concerning the bug in make and MySQL (people releasing fixed packages, nothing new). The most interesting thing however was the announcement of Medusa DS9, a security tool for Linux that allows you to control access to various things. I haven't tested it myself so I don't know how effective it is, but it doesn't sound like snake oil either. I also got around to catching up on some neglected tools, 'Instructor 1.0' was released, basically it hammers the CPU with opcodes to see what makes it go boom."

"Tip of the week:
Various problems with ASP and PHP include files have been found (primarily that by requesting them you can get the contents of the file, which can provide useful information to an attacker). Use Apache's access configuration to block access to these types of files, for example to block access to *.inc files:
<Files ~ "\.inc$">
Order allow,deny
Deny from all
</Files>"

"You might also want to block access to files ending in ~'s, i.e. the backup file that emacs creates (I know there's more then a few of these on my server):
<Files ~ "~$">
Order allow,deny
Deny from all
</Files>"

Complete Story

Related Stories:

• Security Portal: Weekly Linux Security Roundup - 2000/02/09 to 2000/02/14(Feb 14, 2000)
• Security Portal: Weekly Linux Security Roundup - 2000/01/31 to 2000/02/08(Feb 09, 2000)