Loading ...
Sorry, an error occurred while loading the content.

Re: Security upgrades required

Expand Messages
  • stevenclary
    I will attempt to obtain more information about the actual risk. In the meantime, I will just turn off Apache - but can you tell me what the remote admin is,
    Message 1 of 7 , Jun 1, 2011
    • 0 Attachment
      I will attempt to obtain more information about the actual risk. In the meantime, I will just turn off Apache - but can you tell me what the remote admin is, and how to turn it off? (It's been a while since I've done aything with IRLP).

      --- In irlp-embedded@yahoogroups.com, "David Cameron" <dcameron@...> wrote:
      >
      > I will have to look into a viable process to do this upgrade. The short answer would be to download the update tar package from Slackware and overwrite the current setup with the update package.
      >
      > Note that the PHP used is just the PHP interpreter that comes with apache.
      >
      > Do you have information on the risks you can forward?
      >
      > Also, are you using the remote admin portion of your node? If not, then you can safely turn off apache.
      >
      > Dave
      > --------------------------------------------------------
      > David Cameron - VE7LTD
      > IRLP System Designer - http://www.irlp.net
      >
      > -----Original Message-----
      > From: "stevenclary" <steve_clary@...>
      > Sender: irlp-embedded@yahoogroups.com
      > Date: Tue, 31 May 2011 15:37:29
      > To: <irlp-embedded@yahoogroups.com>
      > Reply-To: irlp-embedded@yahoogroups.com
      > Subject: [irlp-embedded] Security upgrades required
      >
      > Hello,
      > I am looking for instructions to upgrade PHP and Apache on our embedded node.
      >
      > Our institution recognizes the the current version as a risk.
      >
      > Can anyone get me pointed in the right direction?
      >
      > Steve
      >
    • David Cameron
      In the file /home/irlp/features/features.env You can disable the remote admin by changing the YES to a NO on the line which mentions remote admin. Don t forget
      Message 2 of 7 , Jun 1, 2011
      • 0 Attachment
        In the file

        /home/irlp/features/features.env

        You can disable the remote admin by changing the YES to a NO on the line which mentions remote admin.
        Don't forget to run

        flash_sync

        and then reboot.

        Dave Cameron

        --------------------------------------------------------
        David Cameron - VE7LTD
        IRLP System Designer - http://www.irlp.net


        From: "stevenclary" <steve_clary@...>
        Sender: irlp-embedded@yahoogroups.com
        Date: Wed, 01 Jun 2011 12:45:28 -0000
        To: <irlp-embedded@yahoogroups.com>
        ReplyTo: irlp-embedded@yahoogroups.com
        Subject: [irlp-embedded] Re: Security upgrades required

         

        I will attempt to obtain more information about the actual risk. In the meantime, I will just turn off Apache - but can you tell me what the remote admin is, and how to turn it off? (It's been a while since I've done aything with IRLP).

        --- In irlp-embedded@yahoogroups.com, "David Cameron" <dcameron@...> wrote:
        >
        > I will have to look into a viable process to do this upgrade. The short answer would be to download the update tar package from Slackware and overwrite the current setup with the update package.
        >
        > Note that the PHP used is just the PHP interpreter that comes with apache.
        >
        > Do you have information on the risks you can forward?
        >
        > Also, are you using the remote admin portion of your node? If not, then you can safely turn off apache.
        >
        > Dave
        > --------------------------------------------------------
        > David Cameron - VE7LTD
        > IRLP System Designer - http://www.irlp.net
        >
        > -----Original Message-----
        > From: "stevenclary" <steve_clary@...>
        > Sender: irlp-embedded@yahoogroups.com
        > Date: Tue, 31 May 2011 15:37:29
        > To: <irlp-embedded@yahoogroups.com>
        > Reply-To: irlp-embedded@yahoogroups.com
        > Subject: [irlp-embedded] Security upgrades required
        >
        > Hello,
        > I am looking for instructions to upgrade PHP and Apache on our embedded node.
        >
        > Our institution recognizes the the current version as a risk.
        >
        > Can anyone get me pointed in the right direction?
        >
        > Steve
        >

      • David Cameron (IRLP)
        I have had a chance to sit at my computer and find the line you have to change: export USE_IRLP_WEBADMIN=YES need to be export USE_IRLP_WEBADMIN=NO Save the
        Message 3 of 7 , Jun 1, 2011
        • 0 Attachment
          I have had a chance to sit at my computer and find the line you have to
          change:

          export USE_IRLP_WEBADMIN=YES

          need to be

          export USE_IRLP_WEBADMIN=NO

          Save the file, then run flash_sync, and reboot your node.

          Dave Cameron
          VE7LTD

          On 6/1/2011 9:49 AM, David Cameron wrote:
          > In the file
          >
          > /home/irlp/features/features.env
          >
          > You can disable the remote admin by changing the YES to a NO on the line which mentions remote admin.
          > Don't forget to run
          >
          > flash_sync
          >
          > and then reboot.
          >
          > Dave Cameron
          >
          >
          > --------------------------------------------------------
          > David Cameron - VE7LTD
          > IRLP System Designer - http://www.irlp.net
          >
          > -----Original Message-----
          > From: "stevenclary"<steve_clary@...>
          > Sender: irlp-embedded@yahoogroups.com
          > Date: Wed, 01 Jun 2011 12:45:28
          > To:<irlp-embedded@yahoogroups.com>
          > Reply-To: irlp-embedded@yahoogroups.com
          > Subject: [irlp-embedded] Re: Security upgrades required
          >
          > I will attempt to obtain more information about the actual risk. In the meantime, I will just turn off Apache - but can you tell me what the remote admin is, and how to turn it off? (It's been a while since I've done aything with IRLP).
          >
          > --- In irlp-embedded@yahoogroups.com, "David Cameron"<dcameron@...> wrote:
          >>
          >> I will have to look into a viable process to do this upgrade. The short answer would be to download the update tar package from Slackware and overwrite the current setup with the update package.
          >>
          >> Note that the PHP used is just the PHP interpreter that comes with apache.
          >>
          >> Do you have information on the risks you can forward?
          >>
          >> Also, are you using the remote admin portion of your node? If not, then you can safely turn off apache.
          >>
          >> Dave
          >> --------------------------------------------------------
          >> David Cameron - VE7LTD
          >> IRLP System Designer - http://www.irlp.net
          >>
          >> -----Original Message-----
          >> From: "stevenclary"<steve_clary@...>
          >> Sender: irlp-embedded@yahoogroups.com
          >> Date: Tue, 31 May 2011 15:37:29
          >> To:<irlp-embedded@yahoogroups.com>
          >> Reply-To: irlp-embedded@yahoogroups.com
          >> Subject: [irlp-embedded] Security upgrades required
          >>
          >> Hello,
          >> I am looking for instructions to upgrade PHP and Apache on our embedded node.
          >>
          >> Our institution recognizes the the current version as a risk.
          >>
          >> Can anyone get me pointed in the right direction?
          >>
          >> Steve
          >>
          >
          >
          >
        • stevenclary
          Thanks Dave! I went to make the change only to realize the VI is not on the machine. Frustrated...
          Message 4 of 7 , Jun 2, 2011
          • 0 Attachment
            Thanks Dave!

            I went to make the change only to realize the VI is not on the machine. Frustrated...



            --- In irlp-embedded@yahoogroups.com, "David Cameron (IRLP)" <dcameron@...> wrote:
            >
            > I have had a chance to sit at my computer and find the line you have to
            > change:
            >
            > export USE_IRLP_WEBADMIN=YES
            >
            > need to be
            >
            > export USE_IRLP_WEBADMIN=NO
            >
            > Save the file, then run flash_sync, and reboot your node.
            >
            > Dave Cameron
            > VE7LTD
            >
            > On 6/1/2011 9:49 AM, David Cameron wrote:
            > > In the file
            > >
            > > /home/irlp/features/features.env
            > >
            > > You can disable the remote admin by changing the YES to a NO on the line which mentions remote admin.
            > > Don't forget to run
            > >
            > > flash_sync
            > >
            > > and then reboot.
            > >
            > > Dave Cameron
            > >
            > >
            > > --------------------------------------------------------
            > > David Cameron - VE7LTD
            > > IRLP System Designer - http://www.irlp.net
            > >
            > > -----Original Message-----
            > > From: "stevenclary"<steve_clary@...>
            > > Sender: irlp-embedded@yahoogroups.com
            > > Date: Wed, 01 Jun 2011 12:45:28
            > > To:<irlp-embedded@yahoogroups.com>
            > > Reply-To: irlp-embedded@yahoogroups.com
            > > Subject: [irlp-embedded] Re: Security upgrades required
            > >
            > > I will attempt to obtain more information about the actual risk. In the meantime, I will just turn off Apache - but can you tell me what the remote admin is, and how to turn it off? (It's been a while since I've done aything with IRLP).
            > >
            > > --- In irlp-embedded@yahoogroups.com, "David Cameron"<dcameron@> wrote:
            > >>
            > >> I will have to look into a viable process to do this upgrade. The short answer would be to download the update tar package from Slackware and overwrite the current setup with the update package.
            > >>
            > >> Note that the PHP used is just the PHP interpreter that comes with apache.
            > >>
            > >> Do you have information on the risks you can forward?
            > >>
            > >> Also, are you using the remote admin portion of your node? If not, then you can safely turn off apache.
            > >>
            > >> Dave
            > >> --------------------------------------------------------
            > >> David Cameron - VE7LTD
            > >> IRLP System Designer - http://www.irlp.net
            > >>
            > >> -----Original Message-----
            > >> From: "stevenclary"<steve_clary@>
            > >> Sender: irlp-embedded@yahoogroups.com
            > >> Date: Tue, 31 May 2011 15:37:29
            > >> To:<irlp-embedded@yahoogroups.com>
            > >> Reply-To: irlp-embedded@yahoogroups.com
            > >> Subject: [irlp-embedded] Security upgrades required
            > >>
            > >> Hello,
            > >> I am looking for instructions to upgrade PHP and Apache on our embedded node.
            > >>
            > >> Our institution recognizes the the current version as a risk.
            > >>
            > >> Can anyone get me pointed in the right direction?
            > >>
            > >> Steve
            > >>
            > >
            > >
            > >
            >
          • David Cameron (IRLP)
            How old is the embedded node - There should be a program called elvis which is symbolic linked to VI. It is a small vi clone. nano is installed as the editor
            Message 5 of 7 , Jun 2, 2011
            • 0 Attachment
              How old is the embedded node - There should be a program called elvis
              which is symbolic linked to VI. It is a small vi clone.

              nano is installed as the editor of choice for most embedded owners.

              Dave Cameron

              On 6/2/2011 1:15 PM, stevenclary wrote:
              > Thanks Dave!
              >
              > I went to make the change only to realize the VI is not on the machine. Frustrated...
              >
              >
              >
              > --- In irlp-embedded@yahoogroups.com, "David Cameron (IRLP)"<dcameron@...> wrote:
              >>
              >> I have had a chance to sit at my computer and find the line you have to
              >> change:
              >>
              >> export USE_IRLP_WEBADMIN=YES
              >>
              >> need to be
              >>
              >> export USE_IRLP_WEBADMIN=NO
              >>
              >> Save the file, then run flash_sync, and reboot your node.
              >>
              >> Dave Cameron
              >> VE7LTD
              >>
              >> On 6/1/2011 9:49 AM, David Cameron wrote:
              >>> In the file
              >>>
              >>> /home/irlp/features/features.env
              >>>
              >>> You can disable the remote admin by changing the YES to a NO on the line which mentions remote admin.
              >>> Don't forget to run
              >>>
              >>> flash_sync
              >>>
              >>> and then reboot.
              >>>
              >>> Dave Cameron
              >>>
              >>>
              >>> --------------------------------------------------------
              >>> David Cameron - VE7LTD
              >>> IRLP System Designer - http://www.irlp.net
              >>>
              >>> -----Original Message-----
              >>> From: "stevenclary"<steve_clary@...>
              >>> Sender: irlp-embedded@yahoogroups.com
              >>> Date: Wed, 01 Jun 2011 12:45:28
              >>> To:<irlp-embedded@yahoogroups.com>
              >>> Reply-To: irlp-embedded@yahoogroups.com
              >>> Subject: [irlp-embedded] Re: Security upgrades required
              >>>
              >>> I will attempt to obtain more information about the actual risk. In the meantime, I will just turn off Apache - but can you tell me what the remote admin is, and how to turn it off? (It's been a while since I've done aything with IRLP).
              >>>
              >>> --- In irlp-embedded@yahoogroups.com, "David Cameron"<dcameron@> wrote:
              >>>>
              >>>> I will have to look into a viable process to do this upgrade. The short answer would be to download the update tar package from Slackware and overwrite the current setup with the update package.
              >>>>
              >>>> Note that the PHP used is just the PHP interpreter that comes with apache.
              >>>>
              >>>> Do you have information on the risks you can forward?
              >>>>
              >>>> Also, are you using the remote admin portion of your node? If not, then you can safely turn off apache.
              >>>>
              >>>> Dave
              >>>> --------------------------------------------------------
              >>>> David Cameron - VE7LTD
              >>>> IRLP System Designer - http://www.irlp.net
              >>>>
              >>>> -----Original Message-----
              >>>> From: "stevenclary"<steve_clary@>
              >>>> Sender: irlp-embedded@yahoogroups.com
              >>>> Date: Tue, 31 May 2011 15:37:29
              >>>> To:<irlp-embedded@yahoogroups.com>
              >>>> Reply-To: irlp-embedded@yahoogroups.com
              >>>> Subject: [irlp-embedded] Security upgrades required
              >>>>
              >>>> Hello,
              >>>> I am looking for instructions to upgrade PHP and Apache on our embedded node.
              >>>>
              >>>> Our institution recognizes the the current version as a risk.
              >>>>
              >>>> Can anyone get me pointed in the right direction?
              >>>>
              >>>> Steve
              >>>>
              >>>
              >>>
              >>>
              >>
              >
              >
              >
            Your message has been successfully submitted and would be delivered to recipients shortly.