Loading ...
Sorry, an error occurred while loading the content.
 

Security upgrades required

Expand Messages
  • stevenclary
    Hello, I am looking for instructions to upgrade PHP and Apache on our embedded node. Our institution recognizes the the current version as a risk. Can anyone
    Message 1 of 7 , May 31, 2011
      Hello,
      I am looking for instructions to upgrade PHP and Apache on our embedded node.

      Our institution recognizes the the current version as a risk.

      Can anyone get me pointed in the right direction?

      Steve
    • David Cameron
      I will have to look into a viable process to do this upgrade. The short answer would be to download the update tar package from Slackware and overwrite the
      Message 2 of 7 , May 31, 2011
        I will have to look into a viable process to do this upgrade. The short answer would be to download the update tar package from Slackware and overwrite the current setup with the update package.

        Note that the PHP used is just the PHP interpreter that comes with apache.

        Do you have information on the risks you can forward?

        Also, are you using the remote admin portion of your node? If not, then you can safely turn off apache.

        Dave

        --------------------------------------------------------
        David Cameron - VE7LTD
        IRLP System Designer - http://www.irlp.net


        From: "stevenclary" <steve_clary@...>
        Sender: irlp-embedded@yahoogroups.com
        Date: Tue, 31 May 2011 15:37:29 -0000
        To: <irlp-embedded@yahoogroups.com>
        ReplyTo: irlp-embedded@yahoogroups.com
        Subject: [irlp-embedded] Security upgrades required

         

        Hello,
        I am looking for instructions to upgrade PHP and Apache on our embedded node.

        Our institution recognizes the the current version as a risk.

        Can anyone get me pointed in the right direction?

        Steve

      • stevenclary
        I will attempt to obtain more information about the actual risk. In the meantime, I will just turn off Apache - but can you tell me what the remote admin is,
        Message 3 of 7 , Jun 1, 2011
          I will attempt to obtain more information about the actual risk. In the meantime, I will just turn off Apache - but can you tell me what the remote admin is, and how to turn it off? (It's been a while since I've done aything with IRLP).

          --- In irlp-embedded@yahoogroups.com, "David Cameron" <dcameron@...> wrote:
          >
          > I will have to look into a viable process to do this upgrade. The short answer would be to download the update tar package from Slackware and overwrite the current setup with the update package.
          >
          > Note that the PHP used is just the PHP interpreter that comes with apache.
          >
          > Do you have information on the risks you can forward?
          >
          > Also, are you using the remote admin portion of your node? If not, then you can safely turn off apache.
          >
          > Dave
          > --------------------------------------------------------
          > David Cameron - VE7LTD
          > IRLP System Designer - http://www.irlp.net
          >
          > -----Original Message-----
          > From: "stevenclary" <steve_clary@...>
          > Sender: irlp-embedded@yahoogroups.com
          > Date: Tue, 31 May 2011 15:37:29
          > To: <irlp-embedded@yahoogroups.com>
          > Reply-To: irlp-embedded@yahoogroups.com
          > Subject: [irlp-embedded] Security upgrades required
          >
          > Hello,
          > I am looking for instructions to upgrade PHP and Apache on our embedded node.
          >
          > Our institution recognizes the the current version as a risk.
          >
          > Can anyone get me pointed in the right direction?
          >
          > Steve
          >
        • David Cameron
          In the file /home/irlp/features/features.env You can disable the remote admin by changing the YES to a NO on the line which mentions remote admin. Don t forget
          Message 4 of 7 , Jun 1, 2011
            In the file

            /home/irlp/features/features.env

            You can disable the remote admin by changing the YES to a NO on the line which mentions remote admin.
            Don't forget to run

            flash_sync

            and then reboot.

            Dave Cameron

            --------------------------------------------------------
            David Cameron - VE7LTD
            IRLP System Designer - http://www.irlp.net


            From: "stevenclary" <steve_clary@...>
            Sender: irlp-embedded@yahoogroups.com
            Date: Wed, 01 Jun 2011 12:45:28 -0000
            To: <irlp-embedded@yahoogroups.com>
            ReplyTo: irlp-embedded@yahoogroups.com
            Subject: [irlp-embedded] Re: Security upgrades required

             

            I will attempt to obtain more information about the actual risk. In the meantime, I will just turn off Apache - but can you tell me what the remote admin is, and how to turn it off? (It's been a while since I've done aything with IRLP).

            --- In irlp-embedded@yahoogroups.com, "David Cameron" <dcameron@...> wrote:
            >
            > I will have to look into a viable process to do this upgrade. The short answer would be to download the update tar package from Slackware and overwrite the current setup with the update package.
            >
            > Note that the PHP used is just the PHP interpreter that comes with apache.
            >
            > Do you have information on the risks you can forward?
            >
            > Also, are you using the remote admin portion of your node? If not, then you can safely turn off apache.
            >
            > Dave
            > --------------------------------------------------------
            > David Cameron - VE7LTD
            > IRLP System Designer - http://www.irlp.net
            >
            > -----Original Message-----
            > From: "stevenclary" <steve_clary@...>
            > Sender: irlp-embedded@yahoogroups.com
            > Date: Tue, 31 May 2011 15:37:29
            > To: <irlp-embedded@yahoogroups.com>
            > Reply-To: irlp-embedded@yahoogroups.com
            > Subject: [irlp-embedded] Security upgrades required
            >
            > Hello,
            > I am looking for instructions to upgrade PHP and Apache on our embedded node.
            >
            > Our institution recognizes the the current version as a risk.
            >
            > Can anyone get me pointed in the right direction?
            >
            > Steve
            >

          • David Cameron (IRLP)
            I have had a chance to sit at my computer and find the line you have to change: export USE_IRLP_WEBADMIN=YES need to be export USE_IRLP_WEBADMIN=NO Save the
            Message 5 of 7 , Jun 1, 2011
              I have had a chance to sit at my computer and find the line you have to
              change:

              export USE_IRLP_WEBADMIN=YES

              need to be

              export USE_IRLP_WEBADMIN=NO

              Save the file, then run flash_sync, and reboot your node.

              Dave Cameron
              VE7LTD

              On 6/1/2011 9:49 AM, David Cameron wrote:
              > In the file
              >
              > /home/irlp/features/features.env
              >
              > You can disable the remote admin by changing the YES to a NO on the line which mentions remote admin.
              > Don't forget to run
              >
              > flash_sync
              >
              > and then reboot.
              >
              > Dave Cameron
              >
              >
              > --------------------------------------------------------
              > David Cameron - VE7LTD
              > IRLP System Designer - http://www.irlp.net
              >
              > -----Original Message-----
              > From: "stevenclary"<steve_clary@...>
              > Sender: irlp-embedded@yahoogroups.com
              > Date: Wed, 01 Jun 2011 12:45:28
              > To:<irlp-embedded@yahoogroups.com>
              > Reply-To: irlp-embedded@yahoogroups.com
              > Subject: [irlp-embedded] Re: Security upgrades required
              >
              > I will attempt to obtain more information about the actual risk. In the meantime, I will just turn off Apache - but can you tell me what the remote admin is, and how to turn it off? (It's been a while since I've done aything with IRLP).
              >
              > --- In irlp-embedded@yahoogroups.com, "David Cameron"<dcameron@...> wrote:
              >>
              >> I will have to look into a viable process to do this upgrade. The short answer would be to download the update tar package from Slackware and overwrite the current setup with the update package.
              >>
              >> Note that the PHP used is just the PHP interpreter that comes with apache.
              >>
              >> Do you have information on the risks you can forward?
              >>
              >> Also, are you using the remote admin portion of your node? If not, then you can safely turn off apache.
              >>
              >> Dave
              >> --------------------------------------------------------
              >> David Cameron - VE7LTD
              >> IRLP System Designer - http://www.irlp.net
              >>
              >> -----Original Message-----
              >> From: "stevenclary"<steve_clary@...>
              >> Sender: irlp-embedded@yahoogroups.com
              >> Date: Tue, 31 May 2011 15:37:29
              >> To:<irlp-embedded@yahoogroups.com>
              >> Reply-To: irlp-embedded@yahoogroups.com
              >> Subject: [irlp-embedded] Security upgrades required
              >>
              >> Hello,
              >> I am looking for instructions to upgrade PHP and Apache on our embedded node.
              >>
              >> Our institution recognizes the the current version as a risk.
              >>
              >> Can anyone get me pointed in the right direction?
              >>
              >> Steve
              >>
              >
              >
              >
            • stevenclary
              Thanks Dave! I went to make the change only to realize the VI is not on the machine. Frustrated...
              Message 6 of 7 , Jun 2, 2011
                Thanks Dave!

                I went to make the change only to realize the VI is not on the machine. Frustrated...



                --- In irlp-embedded@yahoogroups.com, "David Cameron (IRLP)" <dcameron@...> wrote:
                >
                > I have had a chance to sit at my computer and find the line you have to
                > change:
                >
                > export USE_IRLP_WEBADMIN=YES
                >
                > need to be
                >
                > export USE_IRLP_WEBADMIN=NO
                >
                > Save the file, then run flash_sync, and reboot your node.
                >
                > Dave Cameron
                > VE7LTD
                >
                > On 6/1/2011 9:49 AM, David Cameron wrote:
                > > In the file
                > >
                > > /home/irlp/features/features.env
                > >
                > > You can disable the remote admin by changing the YES to a NO on the line which mentions remote admin.
                > > Don't forget to run
                > >
                > > flash_sync
                > >
                > > and then reboot.
                > >
                > > Dave Cameron
                > >
                > >
                > > --------------------------------------------------------
                > > David Cameron - VE7LTD
                > > IRLP System Designer - http://www.irlp.net
                > >
                > > -----Original Message-----
                > > From: "stevenclary"<steve_clary@...>
                > > Sender: irlp-embedded@yahoogroups.com
                > > Date: Wed, 01 Jun 2011 12:45:28
                > > To:<irlp-embedded@yahoogroups.com>
                > > Reply-To: irlp-embedded@yahoogroups.com
                > > Subject: [irlp-embedded] Re: Security upgrades required
                > >
                > > I will attempt to obtain more information about the actual risk. In the meantime, I will just turn off Apache - but can you tell me what the remote admin is, and how to turn it off? (It's been a while since I've done aything with IRLP).
                > >
                > > --- In irlp-embedded@yahoogroups.com, "David Cameron"<dcameron@> wrote:
                > >>
                > >> I will have to look into a viable process to do this upgrade. The short answer would be to download the update tar package from Slackware and overwrite the current setup with the update package.
                > >>
                > >> Note that the PHP used is just the PHP interpreter that comes with apache.
                > >>
                > >> Do you have information on the risks you can forward?
                > >>
                > >> Also, are you using the remote admin portion of your node? If not, then you can safely turn off apache.
                > >>
                > >> Dave
                > >> --------------------------------------------------------
                > >> David Cameron - VE7LTD
                > >> IRLP System Designer - http://www.irlp.net
                > >>
                > >> -----Original Message-----
                > >> From: "stevenclary"<steve_clary@>
                > >> Sender: irlp-embedded@yahoogroups.com
                > >> Date: Tue, 31 May 2011 15:37:29
                > >> To:<irlp-embedded@yahoogroups.com>
                > >> Reply-To: irlp-embedded@yahoogroups.com
                > >> Subject: [irlp-embedded] Security upgrades required
                > >>
                > >> Hello,
                > >> I am looking for instructions to upgrade PHP and Apache on our embedded node.
                > >>
                > >> Our institution recognizes the the current version as a risk.
                > >>
                > >> Can anyone get me pointed in the right direction?
                > >>
                > >> Steve
                > >>
                > >
                > >
                > >
                >
              • David Cameron (IRLP)
                How old is the embedded node - There should be a program called elvis which is symbolic linked to VI. It is a small vi clone. nano is installed as the editor
                Message 7 of 7 , Jun 2, 2011
                  How old is the embedded node - There should be a program called elvis
                  which is symbolic linked to VI. It is a small vi clone.

                  nano is installed as the editor of choice for most embedded owners.

                  Dave Cameron

                  On 6/2/2011 1:15 PM, stevenclary wrote:
                  > Thanks Dave!
                  >
                  > I went to make the change only to realize the VI is not on the machine. Frustrated...
                  >
                  >
                  >
                  > --- In irlp-embedded@yahoogroups.com, "David Cameron (IRLP)"<dcameron@...> wrote:
                  >>
                  >> I have had a chance to sit at my computer and find the line you have to
                  >> change:
                  >>
                  >> export USE_IRLP_WEBADMIN=YES
                  >>
                  >> need to be
                  >>
                  >> export USE_IRLP_WEBADMIN=NO
                  >>
                  >> Save the file, then run flash_sync, and reboot your node.
                  >>
                  >> Dave Cameron
                  >> VE7LTD
                  >>
                  >> On 6/1/2011 9:49 AM, David Cameron wrote:
                  >>> In the file
                  >>>
                  >>> /home/irlp/features/features.env
                  >>>
                  >>> You can disable the remote admin by changing the YES to a NO on the line which mentions remote admin.
                  >>> Don't forget to run
                  >>>
                  >>> flash_sync
                  >>>
                  >>> and then reboot.
                  >>>
                  >>> Dave Cameron
                  >>>
                  >>>
                  >>> --------------------------------------------------------
                  >>> David Cameron - VE7LTD
                  >>> IRLP System Designer - http://www.irlp.net
                  >>>
                  >>> -----Original Message-----
                  >>> From: "stevenclary"<steve_clary@...>
                  >>> Sender: irlp-embedded@yahoogroups.com
                  >>> Date: Wed, 01 Jun 2011 12:45:28
                  >>> To:<irlp-embedded@yahoogroups.com>
                  >>> Reply-To: irlp-embedded@yahoogroups.com
                  >>> Subject: [irlp-embedded] Re: Security upgrades required
                  >>>
                  >>> I will attempt to obtain more information about the actual risk. In the meantime, I will just turn off Apache - but can you tell me what the remote admin is, and how to turn it off? (It's been a while since I've done aything with IRLP).
                  >>>
                  >>> --- In irlp-embedded@yahoogroups.com, "David Cameron"<dcameron@> wrote:
                  >>>>
                  >>>> I will have to look into a viable process to do this upgrade. The short answer would be to download the update tar package from Slackware and overwrite the current setup with the update package.
                  >>>>
                  >>>> Note that the PHP used is just the PHP interpreter that comes with apache.
                  >>>>
                  >>>> Do you have information on the risks you can forward?
                  >>>>
                  >>>> Also, are you using the remote admin portion of your node? If not, then you can safely turn off apache.
                  >>>>
                  >>>> Dave
                  >>>> --------------------------------------------------------
                  >>>> David Cameron - VE7LTD
                  >>>> IRLP System Designer - http://www.irlp.net
                  >>>>
                  >>>> -----Original Message-----
                  >>>> From: "stevenclary"<steve_clary@>
                  >>>> Sender: irlp-embedded@yahoogroups.com
                  >>>> Date: Tue, 31 May 2011 15:37:29
                  >>>> To:<irlp-embedded@yahoogroups.com>
                  >>>> Reply-To: irlp-embedded@yahoogroups.com
                  >>>> Subject: [irlp-embedded] Security upgrades required
                  >>>>
                  >>>> Hello,
                  >>>> I am looking for instructions to upgrade PHP and Apache on our embedded node.
                  >>>>
                  >>>> Our institution recognizes the the current version as a risk.
                  >>>>
                  >>>> Can anyone get me pointed in the right direction?
                  >>>>
                  >>>> Steve
                  >>>>
                  >>>
                  >>>
                  >>>
                  >>
                  >
                  >
                  >
                Your message has been successfully submitted and would be delivered to recipients shortly.