wget is one of the largest threats for your server security. A single abuser that gains access to wget can download and run any script that he wants, totally compromising your server.
It is highly recommended that you allow only root to use wget and you restrict all other users from it.
1. Login to your server as root
2. Run the fallowing command
chmod 0700 /usr/bin/wget
Please note that disabling wget might cause some scripts to stop working. A known problem is that Fantastico will stop updating after this. The solution is pretty easy…
Before you disable wget make sure that you do a copy of it with the initial permissions. You can use any name that you want, the following is just an example:
cp /usr/bin/wget /usr/bin/wget_secret
In the Fantastico configuration input the location to wget as:
/usr/bin/wget_secret
If for some reason you you want to revert the change you simply have to do:
chmod 0711 /usr/bin/wget
=================================================================
I make it a habbit on my systems to chmod 700 some of the keyfiles
like wget, netstat. Also a good idea to set your /tmp to noexec.
there are alot of ways to get a file in the server i am ussualy using
this one
chmod 750 /usr/bin/rcp
chmod 750 /usr/bin/wget
chmod 750 /usr/bin/lynx
chmod 750 /usr/bin/links
chmod 750 /usr/bin/scp
chmod 750 /usr/bin/nc
chmod 750 /usr/bin/elinks
chmod 750 /usr/bin/curl
rm -rf /etc/httpd/proxy/
chmod 000 /var/mail/vbox
rm -rf /usr/local/apache/proxy
chmod 700 /usr/bin/lwp-*
chmod 750 /usr/bin/GET
chmod 750 /usr/bin/curl
Install LES, which will chmod/chattr most of these binarys for you.
REFERENCES
http://www.cyberls.com/forum/showthread.php?tid=440
http://forums.theplanet.com/lofiversion/index.php/t81289.html
It is highly recommended that you allow only root to use wget and you restrict all other users from it.
1. Login to your server as root
2. Run the fallowing command
chmod 0700 /usr/bin/wget
Please note that disabling wget might cause some scripts to stop working. A known problem is that Fantastico will stop updating after this. The solution is pretty easy…
Before you disable wget make sure that you do a copy of it with the initial permissions. You can use any name that you want, the following is just an example:
cp /usr/bin/wget /usr/bin/wget_secret
In the Fantastico configuration input the location to wget as:
/usr/bin/wget_secret
If for some reason you you want to revert the change you simply have to do:
chmod 0711 /usr/bin/wget
=================================================================
I make it a habbit on my systems to chmod 700 some of the keyfiles
like wget, netstat. Also a good idea to set your /tmp to noexec.
there are alot of ways to get a file in the server i am ussualy using
this one
chmod 750 /usr/bin/rcp
chmod 750 /usr/bin/wget
chmod 750 /usr/bin/lynx
chmod 750 /usr/bin/links
chmod 750 /usr/bin/scp
chmod 750 /usr/bin/nc
chmod 750 /usr/bin/elinks
chmod 750 /usr/bin/curl
rm -rf /etc/httpd/proxy/
chmod 000 /var/mail/vbox
rm -rf /usr/local/apache/proxy
chmod 700 /usr/bin/lwp-*
chmod 750 /usr/bin/GET
chmod 750 /usr/bin/curl
Install LES, which will chmod/chattr most of these binarys for you.
REFERENCES
http://www.cyberls.com/forum/showthread.php?tid=440
http://forums.theplanet.com/lofiversion/index.php/t81289.html
