Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2004-08-07 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Mailbag; Upgrade Mozilla Products; Reading Corner

Published: 2004-08-07
Last Updated: 2004-08-08 00:47:17 UTC
by Kevin Hong (Version: 1)
0 comment(s)
Mailbag

We continue to receive submission on SSH brute force scan. From one of the submission received, the source is a public website and the the phpinfo() details can be viewed. This is a bad move as you are allowing others to see, not only the php configuration, but also some of the softwares and their version installed on the system. This file should be removed when you have verified the php is installed properly. We have informed the site to investigate.

Upgrade Mozilla Products

Mozilla has released new version for its products against the libpng vulnerability. If you are using Mozilla products, do upgrade them over the weekend:

http://www.mozilla.org/download.html

To know more details on libpng vulnerability, please refer to:
http://www.us-cert.gov/cas/techalerts/TA04-217A.html

Reading Corner

NIST has published a draft guidelines on PDA Forensics. Over the weekend, you may want to take a look:

http://csrc.nist.gov/publications/drafts.html#sp800-72
Keywords:
0 comment(s)
Diary Archives