Re: [bitfolk] Small issue related to renumbering

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MAndy Smith at <-
MKeith Williams at ->

Reply to this message
Author: Keith Williams
Date:  
To: Kai Hendry
CC: users
Old-Topics: Re: [bitfolk] PHP-CGI exploit probes seen - please make sure your VPS is secured against this
Subject: Re: [bitfolk] Small issue related to renumbering
Kai Hendry wrote:
> On 10 May 2012 09:14, Duane<duane@???> wrote:
>> A friend of mine thinks php5-suhosin prevents the attack from working.
> Suhosin has been harmful other folks say.
> https://pierre-schmitz.com/php-5-4-1-in-suhosin-out/
> http://mailman.archlinux.org/pipermail/arch-announce/2012-May/000312.html
>

What is harmful?

All I saw was someone disliking the slow updates. 


From kai.hendry@??? Thu May 10 08:10:12 2012
Received: from mail-wi0-f170.google.com ([209.85.212.170])
    by mail.bitfolk.com with esmtps (TLS1.0:RSA_ARCFOUR_SHA1:16)
    (Exim 4.72) (envelope-from <kai.hendry@???>)
    id 1SSORw-0002JE-Bl
    for users@???; Thu, 10 May 2012 08:10:12 +0000
Received: by wibhm4 with SMTP id hm4so172260wib.3
    for <users@???>; Thu, 10 May 2012 01:10:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
    h=mime-version:sender:in-reply-to:references:date
    :x-google-sender-auth:message-id:subject:from:to:cc:content-type;
    bh=8Zwmk/+V7QU+urIle+15YWrQdTk9TcWnTT0MXL84bzY=;
    b=Xxo4Y0dMYXnzE+IAbxfwCOoG0PRWSyOcqD3lFmXMbg+rCT8QupVw/aB0X83MLdBks1
    D8YCmMb9lcirS9DRCra6K6ySCaBmuOtNEvIchhkCOMpm+zCo3y2tUpdvyaVdAdOT36ZX
    WSKIi6dI987wlrWNFOBLGAydq+0Kr+r7GqOqtYlfjb9TyZemkzNSw+4oAvvhb5WdbkwU
    mt7wlmYGpVy0wpXLgpBLJ+2Od+t+WoN8yfEiXAKO6iEAio2JQeYLHhJb8TBBv+9D5sj8
    0E5bmJ4PiXeyaXEHlQwhxCepP/hES460tAWBQxteoAw7sqMVG+UZQemiI8d4Do649QoX
    KF4Q==
MIME-Version: 1.0
Received: by 10.180.83.72 with SMTP id o8mr7252929wiy.5.1336637407123; Thu, 10
    May 2012 01:10:07 -0700 (PDT)
Sender: kai.hendry@???
Received: by 10.223.109.78 with HTTP; Thu, 10 May 2012 01:10:07 -0700 (PDT)
In-Reply-To: <4FAB76FA.1000508@???>
References: <20120509142238.GR12360@???> <4FAB167B.3080703@???>
    <CAF8XF0eKooFxBw5KaEqSdR97gwPmVXvfKXsK8R8O88sNPs755w@???>
    <4FAB76FA.1000508@???>
Date: Thu, 10 May 2012 16:10:07 +0800
X-Google-Sender-Auth: D64zxQMfT8gXUjotHNVsIjgqyng
Message-ID: <CAF8XF0d4tv7xDM4PsFnSQHPZZPo1KYS3054wc324GXJNP6V5Kw@???>
From: Kai Hendry <hendry@???>
To: Duane <duane@???>
Content-Type: text/plain; charset=UTF-8
X-Virus-Scanner: Scanned by ClamAV on mail.bitfolk.com at Thu,
    10 May 2012 08:10:12 +0000
X-SA-Exim-Connect-IP: 209.85.212.170
X-SA-Exim-Mail-From: kai.hendry@???
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
    spamd1.lon.bitfolk.com
X-Spam-Level: 
X-Spam-ASN: AS15169 209.85.212.0/24
X-Spam-Status: No, score=-0.7 required=5.0 tests=DKIM_SIGNED,DKIM_VALID,
    RCVD_IN_DNSWL_LOW,
    SPF_PASS shortcircuit=no autolearn=disabled version=3.3.1
X-Spam-Report: * -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at
    http://www.dnswl.org/, low *      trust
    *      [209.85.212.170 listed in list.dnswl.org]
    * -0.0 SPF_PASS SPF: sender matches SPF record
    * -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
    *  0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily
    *      valid
X-SA-Exim-Version: 4.2.1 (built Mon, 22 Mar 2010 06:51:10 +0000)
X-SA-Exim-Scanned: Yes (on mail.bitfolk.com)
Cc: users@???
Subject: Re: [bitfolk] PHP-CGI exploit probes seen - please make sure your
 VPS is secured against this
X-BeenThere: users@???
X-Mailman-Version: 2.1.13
Precedence: list
List-Id: Users of BitFolk hosting <users.lists.bitfolk.com>
List-Unsubscribe: <https://lists.bitfolk.com/mailman/options/users>,
    <mailto:users-request@lists.bitfolk.com?subject=unsubscribe>
List-Archive: <http://lists.bitfolk.com/lurker/list/users.html>
List-Post: <mailto:users@lists.bitfolk.com>
List-Help: <mailto:users-request@lists.bitfolk.com?subject=help>
List-Subscribe: <https://lists.bitfolk.com/mailman/listinfo/users>,
    <mailto:users-request@lists.bitfolk.com?subject=subscribe>
X-List-Received-Date: Thu, 10 May 2012 08:10:12 -0000


On 10 May 2012 16:06, Duane <duane@???> wrote:
> What is harmful?
> All I saw was someone disliking the slow updates.

Surely you answered your own question there?

slow updates = harmful

It seems to be the modern day security theme of late. 


From duane@??? Thu May 10 08:16:51 2012
Received: from mail.aus-biz.com ([208.82.100.153])
    by mail.bitfolk.com with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32)
    (Exim 4.72) (envelope-from <duane@???>) id 1SSOYM-000361-TM
    for users@???; Thu, 10 May 2012 08:16:51 +0000
Received: from [192.168.2.141] (220-245-82-41.static.tpgi.com.au
    [220.245.82.41])
    (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits))
    (Client did not present a certificate)
    by mail.aus-biz.com (Postfix) with ESMTPSA id 99F6CFF2D3;
    Thu, 10 May 2012 18:16:44 +1000 (EST)
Message-ID: <4FAB7968.8010707@???>
Date: Thu, 10 May 2012 18:16:40 +1000
From: Duane <duane@???>
User-Agent: Mozilla/5.0 (X11; Linux x86_64;
    rv:12.0) Gecko/20120430 Thunderbird/12.0.1
MIME-Version: 1.0
To: Kai Hendry <hendry@???>
References: <20120509142238.GR12360@???> <4FAB167B.3080703@???>
    <CAF8XF0eKooFxBw5KaEqSdR97gwPmVXvfKXsK8R8O88sNPs755w@???>
    <4FAB76FA.1000508@???>
    <CAF8XF0d4tv7xDM4PsFnSQHPZZPo1KYS3054wc324GXJNP6V5Kw@???>
In-Reply-To: <CAF8XF0d4tv7xDM4PsFnSQHPZZPo1KYS3054wc324GXJNP6V5Kw@???>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Virus-Scanner: Scanned by ClamAV on mail.bitfolk.com at Thu,
    10 May 2012 08:16:50 +0000
X-SA-Exim-Connect-IP: 208.82.100.153
X-SA-Exim-Mail-From: duane@???
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
    spamd0.lon.bitfolk.com
X-Spam-Level: 
X-Spam-ASN: AS36252 208.82.96.0/21
X-Spam-Status: No, score=0.7 required=5.0 tests=SPF_NEUTRAL shortcircuit=no
    autolearn=disabled version=3.3.1
X-Spam-Report: * 0.7 SPF_NEUTRAL SPF: sender does not match SPF record
    (neutral)
X-SA-Exim-Version: 4.2.1 (built Mon, 22 Mar 2010 06:51:10 +0000)
X-SA-Exim-Scanned: Yes (on mail.bitfolk.com)
Cc: users@???
Subject: Re: [bitfolk] PHP-CGI exploit probes seen - please make sure your
 VPS is secured against this
X-BeenThere: users@???
X-Mailman-Version: 2.1.13
Precedence: list
List-Id: Users of BitFolk hosting <users.lists.bitfolk.com>
List-Unsubscribe: <https://lists.bitfolk.com/mailman/options/users>,
    <mailto:users-request@lists.bitfolk.com?subject=unsubscribe>
List-Archive: <http://lists.bitfolk.com/lurker/list/users.html>
List-Post: <mailto:users@lists.bitfolk.com>
List-Help: <mailto:users-request@lists.bitfolk.com?subject=help>
List-Subscribe: <https://lists.bitfolk.com/mailman/listinfo/users>,
    <mailto:users-request@lists.bitfolk.com?subject=subscribe>
X-List-Received-Date: Thu, 10 May 2012 08:16:51 -0000


Kai Hendry wrote:
> On 10 May 2012 16:06, Duane<duane@???> wrote:
>> What is harmful?
>> All I saw was someone disliking the slow
This message was posted to the following mailing lists:
users
Mailing List Info | Nearby Messages		<-Re: [bitfolk] Small issue related to renumberingRe: [bitfolk] Small issue related to renumbering->
Bitfolk Mailing List Archive administrated by List AdminLurker (version 2.3)