[rfk-dev] robotfindskitten.cgi considered harmful?
Tue, 3 Jul 2001 09:02:31 +1000
On 2 Jul 2001, "Peter A. Peterson II" <firstname.lastname@example.org> wrote:
> You might have noticed that the robotfindskitten.cgi page at
> kathleen.northpark.edu is down. This is because the box has crashed. I'm
> not sure why; it's possible that there was a power outage that left the
> drive in an unbootable way, or that it was hax0red, but
> robotfindskitten.cgi is the only change I made to it in the last 6
> months. Is there anything I should look for in attempting to detect
> either an intrusion or a catastrophic failure? I could mount this drive
> on two-bit next week if anyone cares to inspect it.
I hope that's not why. I did warn that somebody else should check for
You can start by booting from a CD (if possible) and running the
current version of
If it's a RedHat machine, then you can try using rpm --verify.
There's also this recent article:
Also, it would be good to configure that program to run as a nobody
user using apache's cgi setuid wrapper.
Talk to me off the list if you would like more help.