View previous topic :: View next topic |
Author |
Message |
Jasper Hofland Guest
|
Posted: Sun Aug 11, 2002 8:34 pm Post subject: security on abyss webserver |
|
|
Hi there Aprelium ,
Back with yet a new question ...
Time, Event, Intruder, Count
09-08-2002 13:06:17, HTTP POST data contains script, a213-84-32-243.adsl.xs4all.nl, 1
Can i prevent abyss webserver from running the posted script ???
I have made a forum in php but when somebody posts a script instead of text abyss webserver will run the script , my firewall knows what is going on. But abyss doesn't really seam to care ... Is this because of my settings ? Could you please help me.
Thnx in advance,
Jasper Hofland |
|
Back to top |
|
|
aprelium -
Joined: 22 Mar 2002 Posts: 6800
|
Posted: Mon Aug 12, 2002 4:19 am Post subject: Re: security on abyss webserver |
|
|
Jasper Hofland wrote: | Hi there Aprelium ,
Back with yet a new question ...
Time, Event, Intruder, Count
09-08-2002 13:06:17, HTTP POST data contains script, a213-84-32-243.adsl.xs4all.nl, 1
Can i prevent abyss webserver from running the posted script ???
I have made a forum in php but when somebody posts a script instead of text abyss webserver will run the script , my firewall knows what is going on. But abyss doesn't really seam to care ... Is this because of my settings ? Could you please help me.
Thnx in advance,
Jasper Hofland |
First of all, Abyss Web Server has nothing in its code that allows direct execution of posted data. The suspect is your forum software that may allow such a behaviour (which is highly dangerous by the way).
But what is missing in your question is the following information:
* What does the Quote: | Time, Event, Intruder, Count
09-08-2002 13:06:17, HTTP POST data contains script, a213-84-32-243.adsl.xs4all.nl, 1 | mean and where do they come from ?
* What is the forum you use ?
* How an intrusion is done exactly ? Can you give us a scenario to replay an attack ?
You can use the forum or send all these information to support@aprelium.com . _________________ Support Team
Aprelium - http://www.aprelium.com |
|
Back to top |
|
|
Jasper Hofland Guest
|
Posted: Mon Aug 12, 2002 4:40 pm Post subject: more info |
|
|
Time, Event, Intruder, Count
09-08-2002 13:06:17, HTTP POST data contains script, a213-84-32-243.adsl.xs4all.nl, 1
This a warning of my firewall , he detects a script in the post..
What is the forum you use ?
my forum is handmade with php ....
I have send you a mail with details and files.
Thnx again .
Jasper Hofland |
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|