[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] Securing Remote Shell Access via PHP Module



On Feb 3, mailings - kunstwerke.designs <mailings@xxxxxxxxxxxxxxxxxxxx> wrote:


Hi People,

need some advice in securing two suSe Linux 8.2 Server which should
communicate through a remote Shell running on wwwrun ( PHP driven ).
Servers are both secured with portsentry.
I don't really understand what you mean by "php driven remote shell". Can
you tell us the software that you are using?

I am using a PHP Script i wrote to connect via ssh from a website on my
Webserver to the remote one.
Its only a process opened via proc_open() in PHP with which i join the shell
remotely from my webserver using ssh2.


Any hints / advices what else i should do to keep the risk down to a
minimum?
I would at least install a custom kernel with grsecurity patch, forbid
users to see processes of other users and enable as many of the
other security options as possible (some break e.g. java, so watch out).
Of course, always watch your logfiles (logcheck) and apply security
updates when they come out (fou4s).

Markus

Got to read something more about grsec patch, nice idea.

Thanks

ben



--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here