Loading ...
Sorry, an error occurred while loading the content.

Re: [irlp-embedded] Security upgrades required

Expand Messages
  • David Cameron
    I will have to look into a viable process to do this upgrade. The short answer would be to download the update tar package from Slackware and overwrite the
    Message 1 of 7 , May 31, 2011
    View Source
    • 0 Attachment
      I will have to look into a viable process to do this upgrade. The short answer would be to download the update tar package from Slackware and overwrite the current setup with the update package.

      Note that the PHP used is just the PHP interpreter that comes with apache.

      Do you have information on the risks you can forward?

      Also, are you using the remote admin portion of your node? If not, then you can safely turn off apache.

      Dave

      --------------------------------------------------------
      David Cameron - VE7LTD
      IRLP System Designer - http://www.irlp.net


      From: "stevenclary" <steve_clary@...>
      Sender: irlp-embedded@yahoogroups.com
      Date: Tue, 31 May 2011 15:37:29 -0000
      To: <irlp-embedded@yahoogroups.com>
      ReplyTo: irlp-embedded@yahoogroups.com
      Subject: [irlp-embedded] Security upgrades required

       

      Hello,
      I am looking for instructions to upgrade PHP and Apache on our embedded node.

      Our institution recognizes the the current version as a risk.

      Can anyone get me pointed in the right direction?

      Steve

    • stevenclary
      I will attempt to obtain more information about the actual risk. In the meantime, I will just turn off Apache - but can you tell me what the remote admin is,
      Message 2 of 7 , Jun 1, 2011
      View Source
      • 0 Attachment
        I will attempt to obtain more information about the actual risk. In the meantime, I will just turn off Apache - but can you tell me what the remote admin is, and how to turn it off? (It's been a while since I've done aything with IRLP).

        --- In irlp-embedded@yahoogroups.com, "David Cameron" <dcameron@...> wrote:
        >
        > I will have to look into a viable process to do this upgrade. The short answer would be to download the update tar package from Slackware and overwrite the current setup with the update package.
        >
        > Note that the PHP used is just the PHP interpreter that comes with apache.
        >
        > Do you have information on the risks you can forward?
        >
        > Also, are you using the remote admin portion of your node? If not, then you can safely turn off apache.
        >
        > Dave
        > --------------------------------------------------------
        > David Cameron - VE7LTD
        > IRLP System Designer - http://www.irlp.net
        >
        > -----Original Message-----
        > From: "stevenclary" <steve_clary@...>
        > Sender: irlp-embedded@yahoogroups.com
        > Date: Tue, 31 May 2011 15:37:29
        > To: <irlp-embedded@yahoogroups.com>
        > Reply-To: irlp-embedded@yahoogroups.com
        > Subject: [irlp-embedded] Security upgrades required
        >
        > Hello,
        > I am looking for instructions to upgrade PHP and Apache on our embedded node.
        >
        > Our institution recognizes the the current version as a risk.
        >
        > Can anyone get me pointed in the right direction?
        >
        > Steve
        >
      • David Cameron
        In the file /home/irlp/features/features.env You can disable the remote admin by changing the YES to a NO on the line which mentions remote admin. Don t forget
        Message 3 of 7 , Jun 1, 2011
        View Source
        • 0 Attachment
          In the file

          /home/irlp/features/features.env

          You can disable the remote admin by changing the YES to a NO on the line which mentions remote admin.
          Don't forget to run

          flash_sync

          and then reboot.

          Dave Cameron

          --------------------------------------------------------
          David Cameron - VE7LTD
          IRLP System Designer - http://www.irlp.net


          From: "stevenclary" <steve_clary@...>
          Sender: irlp-embedded@yahoogroups.com
          Date: Wed, 01 Jun 2011 12:45:28 -0000
          To: <irlp-embedded@yahoogroups.com>
          ReplyTo: irlp-embedded@yahoogroups.com
          Subject: [irlp-embedded] Re: Security upgrades required

           

          I will attempt to obtain more information about the actual risk. In the meantime, I will just turn off Apache - but can you tell me what the remote admin is, and how to turn it off? (It's been a while since I've done aything with IRLP).

          --- In irlp-embedded@yahoogroups.com, "David Cameron" <dcameron@...> wrote:
          >
          > I will have to look into a viable process to do this upgrade. The short answer would be to download the update tar package from Slackware and overwrite the current setup with the update package.
          >
          > Note that the PHP used is just the PHP interpreter that comes with apache.
          >
          > Do you have information on the risks you can forward?
          >
          > Also, are you using the remote admin portion of your node? If not, then you can safely turn off apache.
          >
          > Dave
          > --------------------------------------------------------
          > David Cameron - VE7LTD
          > IRLP System Designer - http://www.irlp.net
          >
          > -----Original Message-----
          > From: "stevenclary" <steve_clary@...>
          > Sender: irlp-embedded@yahoogroups.com
          > Date: Tue, 31 May 2011 15:37:29
          > To: <irlp-embedded@yahoogroups.com>
          > Reply-To: irlp-embedded@yahoogroups.com
          > Subject: [irlp-embedded] Security upgrades required
          >
          > Hello,
          > I am looking for instructions to upgrade PHP and Apache on our embedded node.
          >
          > Our institution recognizes the the current version as a risk.
          >
          > Can anyone get me pointed in the right direction?
          >
          > Steve
          >

        • David Cameron (IRLP)
          I have had a chance to sit at my computer and find the line you have to change: export USE_IRLP_WEBADMIN=YES need to be export USE_IRLP_WEBADMIN=NO Save the
          Message 4 of 7 , Jun 1, 2011
          View Source
          • 0 Attachment
            I have had a chance to sit at my computer and find the line you have to
            change:

            export USE_IRLP_WEBADMIN=YES

            need to be

            export USE_IRLP_WEBADMIN=NO

            Save the file, then run flash_sync, and reboot your node.

            Dave Cameron
            VE7LTD

            On 6/1/2011 9:49 AM, David Cameron wrote:
            > In the file
            >
            > /home/irlp/features/features.env
            >
            > You can disable the remote admin by changing the YES to a NO on the line which mentions remote admin.
            > Don't forget to run
            >
            > flash_sync
            >
            > and then reboot.
            >
            > Dave Cameron
            >
            >
            > --------------------------------------------------------
            > David Cameron - VE7LTD
            > IRLP System Designer - http://www.irlp.net
            >
            > -----Original Message-----
            > From: "stevenclary"<steve_clary@...>
            > Sender: irlp-embedded@yahoogroups.com
            > Date: Wed, 01 Jun 2011 12:45:28
            > To:<irlp-embedded@yahoogroups.com>
            > Reply-To: irlp-embedded@yahoogroups.com
            > Subject: [irlp-embedded] Re: Security upgrades required
            >
            > I will attempt to obtain more information about the actual risk. In the meantime, I will just turn off Apache - but can you tell me what the remote admin is, and how to turn it off? (It's been a while since I've done aything with IRLP).
            >
            > --- In irlp-embedded@yahoogroups.com, "David Cameron"<dcameron@...> wrote:
            >>
            >> I will have to look into a viable process to do this upgrade. The short answer would be to download the update tar package from Slackware and overwrite the current setup with the update package.
            >>
            >> Note that the PHP used is just the PHP interpreter that comes with apache.
            >>
            >> Do you have information on the risks you can forward?
            >>
            >> Also, are you using the remote admin portion of your node? If not, then you can safely turn off apache.
            >>
            >> Dave
            >> --------------------------------------------------------
            >> David Cameron - VE7LTD
            >> IRLP System Designer - http://www.irlp.net
            >>
            >> -----Original Message-----
            >> From: "stevenclary"<steve_clary@...>
            >> Sender: irlp-embedded@yahoogroups.com
            >> Date: Tue, 31 May 2011 15:37:29
            >> To:<irlp-embedded@yahoogroups.com>
            >> Reply-To: irlp-embedded@yahoogroups.com
            >> Subject: [irlp-embedded] Security upgrades required
            >>
            >> Hello,
            >> I am looking for instructions to upgrade PHP and Apache on our embedded node.
            >>
            >> Our institution recognizes the the current version as a risk.
            >>
            >> Can anyone get me pointed in the right direction?
            >>
            >> Steve
            >>
            >
            >
            >
          • stevenclary
            Thanks Dave! I went to make the change only to realize the VI is not on the machine. Frustrated...
            Message 5 of 7 , Jun 2, 2011
            View Source
            • 0 Attachment
              Thanks Dave!

              I went to make the change only to realize the VI is not on the machine. Frustrated...



              --- In irlp-embedded@yahoogroups.com, "David Cameron (IRLP)" <dcameron@...> wrote:
              >
              > I have had a chance to sit at my computer and find the line you have to
              > change:
              >
              > export USE_IRLP_WEBADMIN=YES
              >
              > need to be
              >
              > export USE_IRLP_WEBADMIN=NO
              >
              > Save the file, then run flash_sync, and reboot your node.
              >
              > Dave Cameron
              > VE7LTD
              >
              > On 6/1/2011 9:49 AM, David Cameron wrote:
              > > In the file
              > >
              > > /home/irlp/features/features.env
              > >
              > > You can disable the remote admin by changing the YES to a NO on the line which mentions remote admin.
              > > Don't forget to run
              > >
              > > flash_sync
              > >
              > > and then reboot.
              > >
              > > Dave Cameron
              > >
              > >
              > > --------------------------------------------------------
              > > David Cameron - VE7LTD
              > > IRLP System Designer - http://www.irlp.net
              > >
              > > -----Original Message-----
              > > From: "stevenclary"<steve_clary@...>
              > > Sender: irlp-embedded@yahoogroups.com
              > > Date: Wed, 01 Jun 2011 12:45:28
              > > To:<irlp-embedded@yahoogroups.com>
              > > Reply-To: irlp-embedded@yahoogroups.com
              > > Subject: [irlp-embedded] Re: Security upgrades required
              > >
              > > I will attempt to obtain more information about the actual risk. In the meantime, I will just turn off Apache - but can you tell me what the remote admin is, and how to turn it off? (It's been a while since I've done aything with IRLP).
              > >
              > > --- In irlp-embedded@yahoogroups.com, "David Cameron"<dcameron@> wrote:
              > >>
              > >> I will have to look into a viable process to do this upgrade. The short answer would be to download the update tar package from Slackware and overwrite the current setup with the update package.
              > >>
              > >> Note that the PHP used is just the PHP interpreter that comes with apache.
              > >>
              > >> Do you have information on the risks you can forward?
              > >>
              > >> Also, are you using the remote admin portion of your node? If not, then you can safely turn off apache.
              > >>
              > >> Dave
              > >> --------------------------------------------------------
              > >> David Cameron - VE7LTD
              > >> IRLP System Designer - http://www.irlp.net
              > >>
              > >> -----Original Message-----
              > >> From: "stevenclary"<steve_clary@>
              > >> Sender: irlp-embedded@yahoogroups.com
              > >> Date: Tue, 31 May 2011 15:37:29
              > >> To:<irlp-embedded@yahoogroups.com>
              > >> Reply-To: irlp-embedded@yahoogroups.com
              > >> Subject: [irlp-embedded] Security upgrades required
              > >>
              > >> Hello,
              > >> I am looking for instructions to upgrade PHP and Apache on our embedded node.
              > >>
              > >> Our institution recognizes the the current version as a risk.
              > >>
              > >> Can anyone get me pointed in the right direction?
              > >>
              > >> Steve
              > >>
              > >
              > >
              > >
              >
            • David Cameron (IRLP)
              How old is the embedded node - There should be a program called elvis which is symbolic linked to VI. It is a small vi clone. nano is installed as the editor
              Message 6 of 7 , Jun 2, 2011
              View Source
              • 0 Attachment
                How old is the embedded node - There should be a program called elvis
                which is symbolic linked to VI. It is a small vi clone.

                nano is installed as the editor of choice for most embedded owners.

                Dave Cameron

                On 6/2/2011 1:15 PM, stevenclary wrote:
                > Thanks Dave!
                >
                > I went to make the change only to realize the VI is not on the machine. Frustrated...
                >
                >
                >
                > --- In irlp-embedded@yahoogroups.com, "David Cameron (IRLP)"<dcameron@...> wrote:
                >>
                >> I have had a chance to sit at my computer and find the line you have to
                >> change:
                >>
                >> export USE_IRLP_WEBADMIN=YES
                >>
                >> need to be
                >>
                >> export USE_IRLP_WEBADMIN=NO
                >>
                >> Save the file, then run flash_sync, and reboot your node.
                >>
                >> Dave Cameron
                >> VE7LTD
                >>
                >> On 6/1/2011 9:49 AM, David Cameron wrote:
                >>> In the file
                >>>
                >>> /home/irlp/features/features.env
                >>>
                >>> You can disable the remote admin by changing the YES to a NO on the line which mentions remote admin.
                >>> Don't forget to run
                >>>
                >>> flash_sync
                >>>
                >>> and then reboot.
                >>>
                >>> Dave Cameron
                >>>
                >>>
                >>> --------------------------------------------------------
                >>> David Cameron - VE7LTD
                >>> IRLP System Designer - http://www.irlp.net
                >>>
                >>> -----Original Message-----
                >>> From: "stevenclary"<steve_clary@...>
                >>> Sender: irlp-embedded@yahoogroups.com
                >>> Date: Wed, 01 Jun 2011 12:45:28
                >>> To:<irlp-embedded@yahoogroups.com>
                >>> Reply-To: irlp-embedded@yahoogroups.com
                >>> Subject: [irlp-embedded] Re: Security upgrades required
                >>>
                >>> I will attempt to obtain more information about the actual risk. In the meantime, I will just turn off Apache - but can you tell me what the remote admin is, and how to turn it off? (It's been a while since I've done aything with IRLP).
                >>>
                >>> --- In irlp-embedded@yahoogroups.com, "David Cameron"<dcameron@> wrote:
                >>>>
                >>>> I will have to look into a viable process to do this upgrade. The short answer would be to download the update tar package from Slackware and overwrite the current setup with the update package.
                >>>>
                >>>> Note that the PHP used is just the PHP interpreter that comes with apache.
                >>>>
                >>>> Do you have information on the risks you can forward?
                >>>>
                >>>> Also, are you using the remote admin portion of your node? If not, then you can safely turn off apache.
                >>>>
                >>>> Dave
                >>>> --------------------------------------------------------
                >>>> David Cameron - VE7LTD
                >>>> IRLP System Designer - http://www.irlp.net
                >>>>
                >>>> -----Original Message-----
                >>>> From: "stevenclary"<steve_clary@>
                >>>> Sender: irlp-embedded@yahoogroups.com
                >>>> Date: Tue, 31 May 2011 15:37:29
                >>>> To:<irlp-embedded@yahoogroups.com>
                >>>> Reply-To: irlp-embedded@yahoogroups.com
                >>>> Subject: [irlp-embedded] Security upgrades required
                >>>>
                >>>> Hello,
                >>>> I am looking for instructions to upgrade PHP and Apache on our embedded node.
                >>>>
                >>>> Our institution recognizes the the current version as a risk.
                >>>>
                >>>> Can anyone get me pointed in the right direction?
                >>>>
                >>>> Steve
                >>>>
                >>>
                >>>
                >>>
                >>
                >
                >
                >
              Your message has been successfully submitted and would be delivered to recipients shortly.