One of my friends did a security scan on my DA box, and he pointed out some "risks" that my box has. I am quite a newbie, still in the process of learning how to admin a box (and since I am not doing anything big with my box, don't shoot me), so I would like some advice here. I am not so sure where he got all of this, but they sound scary.
Apache
PHP
BIND
SSH
SSL
These are basically some of the important ones. Any ideas on how I should update them? Or does DA have a similar system to WHM, where the system can download and patch itself? I just purchased my license yesterday, so I am not so clear about how things work yet. Sorry if I sound like a noob.
Apache
The remote host is using the Apache mod_frontpage module.
mod_frontpage older than 1.6.1 is vulnerable to a buffer overflow which may allow an attacker to gain root access.
*** Since Nessus was not able to remotely determine the version
*** of mod_frontpage you are running, you are advised to manually
*** check which version you are running as this might be a false
*** positive.
If you want the remote server to be remotely secure, we advise you do not use this module at all.
Solution : Disable this module
Risk factor : High
PHP
The remote host is running a version of PHP 4.3 which is older than or equal to 4.3.2.
There is a flaw in this version which may allow a local attacker to bypass the safe mode and gain unauthorized access to files on the local system, thanks to a flaw in the function php_safe_mode_include_dir().
Solution : Upgrade to PHP 4.3.3 when it is available
Risk factor : Medium
BIND
The remote BIND 9 server, according to its version number, is vulnerable to a buffer overflow which may allow an attacker to gain a shell on this host or to disable this server.
Solution : upgrade to BIND 9.2.2 or downgrade to the 8.x series
See also : http://www.isc.org/products/BIND/bind9.html
http://cert.uni-stuttgart.de/archive/bugtraq/2003/03/msg00075.html
http://www.cert.org/advisories/CA-2002-19.html
Risk factor : High
SSH
You are running OpenSSH-portable 3.6.1 or older.
There is a flaw in this version which may allow an attacker to bypass the access controls set by the administrator of this server.
OpenSSH features a mechanism which can restrict the list of hosts a given user can log in from by specifying a pattern in the user key file (i.e. *.mynetwork.com would let a user connect only from the local network).
However, there is a flaw in the way OpenSSH does reverse DNS lookups.
If an attacker configures his DNS server to send a numeric IP address when a reverse lookup is performed, he may be able to circumvent this mechanism.
Solution : Upgrade to OpenSSH 3.6.2 when it comes out
Risk Factor : Low
SSL
The remote host is using a version of OpenSSL which is older than 0.9.6j or 0.9.7b.
This version is vulnerable to a timing based attack which may allow an attacker to guess the content of fixed data blocks and may eventually be able to guess the value of the private RSA key of the server.
An attacker may use this implementation flaw to sniff the data going to this host and decrypt some parts of it, as well as impersonate your server and perform man in the middle attacks.
*** Nessus solely relied on the banner of the remote host
*** to issue this warning
See also : http://www.openssl.org/news/secadv_20030219.txt
http://lasecwww.epfl.ch/memo_ssl.shtml
http://eprint.iacr.org/2003/052/
Solution : Upgrade to version 0.9.6j (0.9.7b) or newer
Risk factor : Medium
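The scan output itself says twice that Nessus only went by banners and that the findings may be false positives, so the first thing to do on the box is ask each binary for its real version and compare it with the fixed releases the report names. The script below is an added example written for this post; it is not part of the original post and not DirectAdmin's own tooling. The command names (httpd/php/named/ssh/openssl), the /etc/httpd/conf path, the script name check_scan.sh and the sample banners in demo() are all assumptions or constructed data, not output from any real host.

```shell
#!/bin/sh
# Added example, not from the original post or from DirectAdmin: turn the Nessus
# findings above into a check run on the box itself. Nessus said it went by banners,
# so ask each binary for its version and compare against the fixed versions the
# report quotes. Command names and the /etc/httpd/conf path are assumptions for a
# typical Linux build; a DirectAdmin install may lay things out differently.

# vnorm VERSION: print four numeric fields "major minor patch letter".
# "0.9.7a" -> "0 9 7 1"; "3.6.1p2" -> "3 6 1 0" (the OpenSSH portable suffix is
# dropped, since 3.6.1p2 is still release 3.6.1); "9.2.1" -> "9 2 1 0".
vnorm() {
    printf '%s\n' "$1" | awk '{
        v = $0
        sub(/p[0-9]+$/, "", v)
        letter = 0
        if (match(v, /[a-z]$/)) {
            letter = index("abcdefghijklmnopqrstuvwxyz", substr(v, RSTART, 1))
            v = substr(v, 1, RSTART - 1)
        }
        n = split(v, p, ".")
        printf "%d %d %d %d\n", p[1], p[2], (n >= 3 ? p[3] : 0), letter
    }'
}

# version_lt A B: succeed (exit 0) when A is strictly older than B.
version_lt() {
    awk -v a="$(vnorm "$1")" -v b="$(vnorm "$2")" 'BEGIN {
        split(a, x, " "); split(b, y, " ")
        for (i = 1; i <= 4; i++) {
            if (x[i] + 0 < y[i] + 0) exit 0
            if (x[i] + 0 > y[i] + 0) exit 1
        }
        exit 1
    }'
}

# extract_version BANNER: first version token in a banner, or nothing if none.
# "OpenSSH_3.6.1p2, SSH protocols 1.5/2.0" -> 3.6.1p2; "OpenSSL 0.9.7a 19 Feb 2003" -> 0.9.7a
extract_version() {
    printf '%s\n' "$1" | sed -E -n 's/^[^0-9]*([0-9]+(\.[0-9]+)*[a-z]?[0-9]*).*/\1/p'
}

# openssl_fixed VERSION: the fixed release for that branch, as the scan text states.
openssl_fixed() {
    case "$1" in
        0.9.6*) echo 0.9.6j ;;
        *)      echo 0.9.7b ;;
    esac
}

# flag COMPONENT VERSION FIXED: print a verdict; succeed when the scan would flag it.
flag() {
    if [ -z "$2" ]; then
        printf '%-9s version not found, check by hand (fixed in %s)\n' "$1" "$3"
        return 1
    fi
    if version_lt "$2" "$3"; then
        printf '%-9s %-8s VULNERABLE per scan (fixed in %s)\n' "$1" "$2" "$3"
        return 0
    fi
    printf '%-9s %-8s ok (>= %s)\n' "$1" "$2" "$3"
    return 1
}

# demo: constructed sample banners (not from any real host) so the checks run offline.
demo() {
    n=0
    http='Server: Apache/1.3.27 (Unix) mod_frontpage/1.6.0 PHP/4.3.2'
    case "$http" in
        *mod_frontpage/*) flag frontpage "$(extract_version "${http#*mod_frontpage/}")" 1.6.1 && n=$((n + 1)) ;;
        *)                echo 'frontpage not loaded (what the scan recommends)' ;;
    esac
    flag php  "$(extract_version 'PHP 4.3.2 (cli) (built: Jun  2 2003 10:00:00)')" 4.3.3 && n=$((n + 1))
    flag bind "$(extract_version 'BIND 9.2.1')"                                 9.2.2 && n=$((n + 1))
    flag ssh  "$(extract_version 'OpenSSH_3.6.1p2, SSH protocols 1.5/2.0')"    3.6.2 && n=$((n + 1))
    v=$(extract_version 'OpenSSL 0.9.7a 19 Feb 2003')
    flag openssl "$v" "$(openssl_fixed "$v")" && n=$((n + 1))
    echo "$n of 5 findings reproduced against the constructed banners"
}

# scan_local: the same checks against the installed binaries (run as root on the box).
scan_local() {
    n=0
    if grep -rqi 'LoadModule *frontpage' /etc/httpd/conf 2>/dev/null; then
        echo 'frontpage mod_frontpage is loaded: verify its version by hand, or disable it as advised'
    else
        echo 'frontpage not loaded in /etc/httpd/conf'
    fi
    flag php  "$(extract_version "$(php -v 2>/dev/null)")"   4.3.3 && n=$((n + 1))
    flag bind "$(extract_version "$(named -v 2>/dev/null)")" 9.2.2 && n=$((n + 1))
    flag ssh  "$(extract_version "$(command -v ssh >/dev/null 2>&1 && ssh -V 2>&1)")" 3.6.2 && n=$((n + 1))
    v=$(extract_version "$(openssl version 2>/dev/null)")
    flag openssl "$v" "$(openssl_fixed "$v")" && n=$((n + 1))
    echo "$n finding(s) flagged on this host"
}

# ./check_scan.sh --live runs against the box; with no argument it runs the demo.
if [ "${1:-}" = "--live" ]; then scan_local; else demo; fi
```

Two caveats when reading the result. The thresholds are exactly the ones in the report (mod_frontpage 1.6.1, PHP 4.3.3, BIND 9.2.2, OpenSSH 3.6.2, OpenSSL 0.9.6j or 0.9.7b depending on branch), and version_lt understands the OpenSSL letter suffix, so 0.9.7a is correctly older than 0.9.7b while 0.9.8 is not. Distribution packages often backport a fix without changing the version string, so a "VULNERABLE per scan" line from either this script or Nessus means "confirm against your vendor's changelog", not "confirmed exploitable". For mod_frontpage the script only tells you whether the module is loaded; as the scan says, if you do not need it, disabling it ends the discussion.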