What are the big weak spots on servers?
The big weak spots are as follows: • Server running HTTPD as root. This means that anytime a user attaches to the web server they are running as root. Very powerful if there are any holes at all. This means that if your browser can find a way in, you can gain access to anything on the system. • Improper checking and buffering of user data by CGI scripts. Either a buffer can be overrun or arbitrary commands can be sent to the server. • Improper configuration of the server itself or the web server, allowing for access to files not intended for the general public. This could include log files, the htpasswd file, and web server configuration files. But the main problem is a CGI interpreter (perl.exe on an NT web server leaps to mind) that allows a browser to execute server commands, launch shells, rename or append files, etc.
Related Questions
- I know of the big touristy spots like SeaWorld and Balboa Park, but what are some cheap places to see and even some temperament spots to check out?
- Does anyone of any biddable camp spots to reccomend within the mountains close by or around Big Bear or another tarn?
- Is the weak US Dollar a big problem?
