var sidebar_align = 'right';
var content_container_margin = parseInt('350px');
var sidebar_width = parseInt('330px');
ssl slapper for linux
Just wanted to let everyone know, if they haven't heard already, there is a worm that is infecting Linux Servers running Apache with OpenSSL enabled.
here is a brief education rundown of what to do to get rid of it.
To detect the presence of the "Slapper" Worm/Trojan, look first in /tmp for files that have the string "bugtraq" as part of the name. You may find any of the following:
Delete them. It would also be wise to log in as root and do:
find / -name \*bugtraq\* -print
to see if any other files are hidden down your directory chain. Determine if you know what they are or not and move/remove them as you see fit.
Lastly, do a:
ps -ax | grep bugtraq
to look for any processes currently running. If you find them, kill them immediately. A reboot wouldn't hurt, if you can spare the time.
If you do not need SSL for your web server, turn it off. On one of our systems, we are running Redhat 7.3 and just edited the section in /etc/httpd/conf/httpd.conf which reads:
# General setup for the virtual host
#ServerAdmin [email protected]ess
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
...and set SSLEngine off
Before we did that, we saw that slapper-thingie appear another time or two. Now, it's clean and not getting dumped on (so to speak).