FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora SELinux Support

 
 
LinkBack Thread Tools
 
Old 09-10-2008, 10:15 PM
Kristen R
 
Default Help with AVC messages

Last night I had a users website hacked. The hacker then tried to use httpd to
access /etc files and directorys, as well as the root directory. SELinux
saved my system.

I need to make a complaint to the ISP who is providing for this offender. I
have http access logs and error logs but they don't show very much. Other
then access which was valid (well, not valid) and 2 entries in the error log.
Is there a way I can correlate the AVC denials with the malious attacker? The
AVC messages do not have time stamps or IP addresses attached to them.

Thank you for your assistance, and for SELinux!

Kristen

--
fedora-selinux-list mailing list
fedora-selinux-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
 

Thread Tools




All times are GMT. The time now is 08:29 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org