Hans-Christian Andersen
hans.andersen at phulse.com
Sun May 5 17:05:18 CDT 2013
I'd just like to point out that, as far as I'm aware, researchers still do not know if this is a result of a security hole in Apache. As a matter of fact, that this exploit seems to only affect a relatively few number of servers and isn't spreading across the entire internet like wildfire indicates that it is most likely not a security issue with Apache, but with some other software. It has been suggested that it might be website hosting / management applications, like Cpanel and Plesk, that are the true culprit. What is interesting however, from the point of view from Apache, is simply that it appears the authors of this exploit / malware seem to have put a lot of thought into making their malware hide its traces so that the server admins or website owner aren't able to tell that they've been affected. But, like I said, it's unlikely that these hacks are a result of some security hole in Apache. - Hans On 2013-05-05, at 2:47 PM, "Jim Lawrence" <accessd at shaw.ca> wrote: > All leading software packages are searched for vulnerabilities and as always > they are eventual be found. Apache's impact into the web server market is > huge with more than half of all web sites using this back-end. > > Many holes have now been discovered and whether the Apache package should be > used for major sites is in debate. Maybe it is time to move to Nginx and > wait until the holes can all be properly plugged. > > With packages such as the Blackhole exploit kit, available to any > script-kiddies, > (http://nakedsecurity.sophos.com/2012/03/29/exploring-the-blackhole-exploit- > kit/) it will be a while before Apache is safe to use again. > > Here is an interesting article on the current > http://blog.sucuri.net/2013/04/apache-web-server-attacks-continue-to-evolve. > html > > Jim > > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com