Firewalls: Re: Air Force Web Site Hacked

Firewalls
(January 1997)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Air Force Web Site Hacked
From:	Peg McMahan <pmcmahan @ v-one . com>
Date:	Thu, 02 Jan 1997 09:18:37 -0500
To:	Sebastian Stache <zeb @ sbbs . se>, "'Firewalls @ GreatCircle . COM'" <Firewalls @ GreatCircle . COM>

>So, did the hacked hosts have ftp daemons
>running, with the firewall allowing outside
>access? Telnet? Rsh? Or are there html
>specific inherent weaknesses (even without
>java etc)?

Yes. It's called cgi-bin.

(to mention just one of the many inherent httpd problems.... and cgi is my
favourite to pick on)
____________________________________________________________________
Margaret H. McMahan - Systems Engineer
pmcmahan @
 v-one .
 com

"Know your faults, know your friends,
Be prepared to take revenge"

Indexed By Date	Previous:	Re: Air Force Web Site Hacked From: Sebastian Stache <zeb @ sbbs . se>
Indexed By Date	Next:	Security & Hackerscene site From: Markus H\|bner <matic @ bau2 . uibk . ac . at>
Indexed By Thread	Previous:	Re: Air Force Web Site Hacked From: Sebastian Stache <zeb @ sbbs . se>
Indexed By Thread	Next:	RE: Air Force Web Site Hacked -Reply From: long-morrow @ CS . YALE . EDU