Get Paid to Participate - up to $1 per post!     Twitter     Facebook     Google+
Hosting Discussion
 

Hosting Discussion > Web Hosting Forums > Hardware and Server Configuration > What your are doing to stop symlink attack on your server?
forgot password?



Reply


Old
  Post #1 (permalink)   01-05-2012, 12:12 PM
HD Addict
 
Join Date: Oct 2011
Posts: 177

Status: Bullten is offline
Hello all,

Post here what all steps you all are taking to stop symlink attack on your web server. As its a big issue because most of the sites on shared environment are hacked because of this issue...
 
 


Old
  Post #2 (permalink)   01-05-2012, 12:15 PM
HD Addict
 
Join Date: Oct 2011
Posts: 177

Status: Bullten is offline
Well I am using a cron job which changes config file of all sites on my server with permission to 600 . It runs periodically to change permission of new hosted website config file. This protect us from symlink.
 
 
 


Old
  Post #3 (permalink)   01-05-2012, 03:49 PM
HD Wizard
 
Join Date: Mar 2005
Location: Atlanta, GA
Posts: 2,264

Status: handsonhosting is offline
Can you post to an article regarding the symlink attack? How new is this sort of attack? Is it something that standard security takes care of?

If you can post details on how the attack happens, then more people can be educated on the vulnerability and resolutions.
__________________
Emerson Nogueira
http://www.HandsOnWebHosting.com
cPanel Web Hosting, Domain Registration, Managed VPS Servers
 
 
 


Old
  Post #4 (permalink)   01-05-2012, 03:56 PM
HD Addict
 
Join Date: Oct 2011
Posts: 177

Status: Bullten is offline
Well this is most wide spread attack on linux web server where a shared web hosting owner can launch this attack to read the configuration file or any file of other web host owners at same server. When you are using suphp it doent allow users to see what is out side of their directory limit . To overcome that limit, this symlink attack is launched by an attacker to read important files without even actually navigating there.

Sure I will make a brief article about that. I thought people are already aware of this.
 
 
 


Old
  Post #5 (permalink)   01-05-2012, 04:01 PM
HD Amateur
 
Join Date: Sep 2011
Posts: 83

Status: coloradojaguar is offline
It would be nice to get some more information from an industry expert on this type of attack. Even if it is brief it could be helpful. There may be awareness of this type of attack but it is hard to keep up with everything that is unleashed these days.
__________________
Hosted solutions provider since 1998 - Serving Houston, Dallas, Atlanta, NJ, and the UK
JaguarPC.com - Managed Hybrid Servers| SSD|Managed VPS Hosting | Dedicated Servers
Reseller US/UK| Cloud
 
 
 


Old
  Post #6 (permalink)   01-05-2012, 05:42 PM
HD Wizard
 
Join Date: Mar 2005
Location: Atlanta, GA
Posts: 2,264

Status: handsonhosting is offline
I guess it depends on the methods used. What was once prevelant back in 2003 and even 2005 attacks were pretty much made impossible due to updates in 2008. The SuPHP was/is a great option for isolating an environment and only allowing users to execute their own files - but standard server security should also be taken so that people can note read/exploit the /etc section of a server for the passwd files and group files.

Cross Site Scripting through Apache/PHP has been pretty much taken care of these days - generating symlinks from a root level would imply a root compromise. Generation of symlink from an individual account level should never be able to access outside of their user account level - ever.
__________________
Emerson Nogueira
http://www.HandsOnWebHosting.com
cPanel Web Hosting, Domain Registration, Managed VPS Servers
 
 


Old
  Post #7 (permalink)   01-08-2012, 03:14 PM
HD Newbie
 
Join Date: Dec 2011
Posts: 28

Status: DunamisHosting is offline
I am curious to know how things like these got started, why must people go and hack things. What good really comes from it all?
 
 
 
Reply

Thread Tools

New Post New Post   Old Post Old Post
Posting Rules:
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Sponsored By: