Loading ...
Sorry, an error occurred while loading the content.
 

Re: [irlp-embedded] Re: Security upgrades required

Expand Messages
  • David Cameron
    In the file /home/irlp/features/features.env You can disable the remote admin by changing the YES to a NO on the line which mentions remote admin. Don t forget
    Message 1 of 7 , Jun 1, 2011
      In the file

      /home/irlp/features/features.env

      You can disable the remote admin by changing the YES to a NO on the line which mentions remote admin.
      Don't forget to run

      flash_sync

      and then reboot.

      Dave Cameron

      --------------------------------------------------------
      David Cameron - VE7LTD
      IRLP System Designer - http://www.irlp.net


      From: "stevenclary" <steve_clary@...>
      Sender: irlp-embedded@yahoogroups.com
      Date: Wed, 01 Jun 2011 12:45:28 -0000
      To: <irlp-embedded@yahoogroups.com>
      ReplyTo: irlp-embedded@yahoogroups.com
      Subject: [irlp-embedded] Re: Security upgrades required

       

      I will attempt to obtain more information about the actual risk. In the meantime, I will just turn off Apache - but can you tell me what the remote admin is, and how to turn it off? (It's been a while since I've done aything with IRLP).

      --- In irlp-embedded@yahoogroups.com, "David Cameron" <dcameron@...> wrote:
      >
      > I will have to look into a viable process to do this upgrade. The short answer would be to download the update tar package from Slackware and overwrite the current setup with the update package.
      >
      > Note that the PHP used is just the PHP interpreter that comes with apache.
      >
      > Do you have information on the risks you can forward?
      >
      > Also, are you using the remote admin portion of your node? If not, then you can safely turn off apache.
      >
      > Dave
      > --------------------------------------------------------
      > David Cameron - VE7LTD
      > IRLP System Designer - http://www.irlp.net
      >
      > -----Original Message-----
      > From: "stevenclary" <steve_clary@...>
      > Sender: irlp-embedded@yahoogroups.com
      > Date: Tue, 31 May 2011 15:37:29
      > To: <irlp-embedded@yahoogroups.com>
      > Reply-To: irlp-embedded@yahoogroups.com
      > Subject: [irlp-embedded] Security upgrades required
      >
      > Hello,
      > I am looking for instructions to upgrade PHP and Apache on our embedded node.
      >
      > Our institution recognizes the the current version as a risk.
      >
      > Can anyone get me pointed in the right direction?
      >
      > Steve
      >

    • David Cameron (IRLP)
      I have had a chance to sit at my computer and find the line you have to change: export USE_IRLP_WEBADMIN=YES need to be export USE_IRLP_WEBADMIN=NO Save the
      Message 2 of 7 , Jun 1, 2011
        I have had a chance to sit at my computer and find the line you have to
        change:

        export USE_IRLP_WEBADMIN=YES

        need to be

        export USE_IRLP_WEBADMIN=NO

        Save the file, then run flash_sync, and reboot your node.

        Dave Cameron
        VE7LTD

        On 6/1/2011 9:49 AM, David Cameron wrote:
        > In the file
        >
        > /home/irlp/features/features.env
        >
        > You can disable the remote admin by changing the YES to a NO on the line which mentions remote admin.
        > Don't forget to run
        >
        > flash_sync
        >
        > and then reboot.
        >
        > Dave Cameron
        >
        >
        > --------------------------------------------------------
        > David Cameron - VE7LTD
        > IRLP System Designer - http://www.irlp.net
        >
        > -----Original Message-----
        > From: "stevenclary"<steve_clary@...>
        > Sender: irlp-embedded@yahoogroups.com
        > Date: Wed, 01 Jun 2011 12:45:28
        > To:<irlp-embedded@yahoogroups.com>
        > Reply-To: irlp-embedded@yahoogroups.com
        > Subject: [irlp-embedded] Re: Security upgrades required
        >
        > I will attempt to obtain more information about the actual risk. In the meantime, I will just turn off Apache - but can you tell me what the remote admin is, and how to turn it off? (It's been a while since I've done aything with IRLP).
        >
        > --- In irlp-embedded@yahoogroups.com, "David Cameron"<dcameron@...> wrote:
        >>
        >> I will have to look into a viable process to do this upgrade. The short answer would be to download the update tar package from Slackware and overwrite the current setup with the update package.
        >>
        >> Note that the PHP used is just the PHP interpreter that comes with apache.
        >>
        >> Do you have information on the risks you can forward?
        >>
        >> Also, are you using the remote admin portion of your node? If not, then you can safely turn off apache.
        >>
        >> Dave
        >> --------------------------------------------------------
        >> David Cameron - VE7LTD
        >> IRLP System Designer - http://www.irlp.net
        >>
        >> -----Original Message-----
        >> From: "stevenclary"<steve_clary@...>
        >> Sender: irlp-embedded@yahoogroups.com
        >> Date: Tue, 31 May 2011 15:37:29
        >> To:<irlp-embedded@yahoogroups.com>
        >> Reply-To: irlp-embedded@yahoogroups.com
        >> Subject: [irlp-embedded] Security upgrades required
        >>
        >> Hello,
        >> I am looking for instructions to upgrade PHP and Apache on our embedded node.
        >>
        >> Our institution recognizes the the current version as a risk.
        >>
        >> Can anyone get me pointed in the right direction?
        >>
        >> Steve
        >>
        >
        >
        >
      • stevenclary
        Thanks Dave! I went to make the change only to realize the VI is not on the machine. Frustrated...
        Message 3 of 7 , Jun 2, 2011
          Thanks Dave!

          I went to make the change only to realize the VI is not on the machine. Frustrated...



          --- In irlp-embedded@yahoogroups.com, "David Cameron (IRLP)" <dcameron@...> wrote:
          >
          > I have had a chance to sit at my computer and find the line you have to
          > change:
          >
          > export USE_IRLP_WEBADMIN=YES
          >
          > need to be
          >
          > export USE_IRLP_WEBADMIN=NO
          >
          > Save the file, then run flash_sync, and reboot your node.
          >
          > Dave Cameron
          > VE7LTD
          >
          > On 6/1/2011 9:49 AM, David Cameron wrote:
          > > In the file
          > >
          > > /home/irlp/features/features.env
          > >
          > > You can disable the remote admin by changing the YES to a NO on the line which mentions remote admin.
          > > Don't forget to run
          > >
          > > flash_sync
          > >
          > > and then reboot.
          > >
          > > Dave Cameron
          > >
          > >
          > > --------------------------------------------------------
          > > David Cameron - VE7LTD
          > > IRLP System Designer - http://www.irlp.net
          > >
          > > -----Original Message-----
          > > From: "stevenclary"<steve_clary@...>
          > > Sender: irlp-embedded@yahoogroups.com
          > > Date: Wed, 01 Jun 2011 12:45:28
          > > To:<irlp-embedded@yahoogroups.com>
          > > Reply-To: irlp-embedded@yahoogroups.com
          > > Subject: [irlp-embedded] Re: Security upgrades required
          > >
          > > I will attempt to obtain more information about the actual risk. In the meantime, I will just turn off Apache - but can you tell me what the remote admin is, and how to turn it off? (It's been a while since I've done aything with IRLP).
          > >
          > > --- In irlp-embedded@yahoogroups.com, "David Cameron"<dcameron@> wrote:
          > >>
          > >> I will have to look into a viable process to do this upgrade. The short answer would be to download the update tar package from Slackware and overwrite the current setup with the update package.
          > >>
          > >> Note that the PHP used is just the PHP interpreter that comes with apache.
          > >>
          > >> Do you have information on the risks you can forward?
          > >>
          > >> Also, are you using the remote admin portion of your node? If not, then you can safely turn off apache.
          > >>
          > >> Dave
          > >> --------------------------------------------------------
          > >> David Cameron - VE7LTD
          > >> IRLP System Designer - http://www.irlp.net
          > >>
          > >> -----Original Message-----
          > >> From: "stevenclary"<steve_clary@>
          > >> Sender: irlp-embedded@yahoogroups.com
          > >> Date: Tue, 31 May 2011 15:37:29
          > >> To:<irlp-embedded@yahoogroups.com>
          > >> Reply-To: irlp-embedded@yahoogroups.com
          > >> Subject: [irlp-embedded] Security upgrades required
          > >>
          > >> Hello,
          > >> I am looking for instructions to upgrade PHP and Apache on our embedded node.
          > >>
          > >> Our institution recognizes the the current version as a risk.
          > >>
          > >> Can anyone get me pointed in the right direction?
          > >>
          > >> Steve
          > >>
          > >
          > >
          > >
          >
        • David Cameron (IRLP)
          How old is the embedded node - There should be a program called elvis which is symbolic linked to VI. It is a small vi clone. nano is installed as the editor
          Message 4 of 7 , Jun 2, 2011
            How old is the embedded node - There should be a program called elvis
            which is symbolic linked to VI. It is a small vi clone.

            nano is installed as the editor of choice for most embedded owners.

            Dave Cameron

            On 6/2/2011 1:15 PM, stevenclary wrote:
            > Thanks Dave!
            >
            > I went to make the change only to realize the VI is not on the machine. Frustrated...
            >
            >
            >
            > --- In irlp-embedded@yahoogroups.com, "David Cameron (IRLP)"<dcameron@...> wrote:
            >>
            >> I have had a chance to sit at my computer and find the line you have to
            >> change:
            >>
            >> export USE_IRLP_WEBADMIN=YES
            >>
            >> need to be
            >>
            >> export USE_IRLP_WEBADMIN=NO
            >>
            >> Save the file, then run flash_sync, and reboot your node.
            >>
            >> Dave Cameron
            >> VE7LTD
            >>
            >> On 6/1/2011 9:49 AM, David Cameron wrote:
            >>> In the file
            >>>
            >>> /home/irlp/features/features.env
            >>>
            >>> You can disable the remote admin by changing the YES to a NO on the line which mentions remote admin.
            >>> Don't forget to run
            >>>
            >>> flash_sync
            >>>
            >>> and then reboot.
            >>>
            >>> Dave Cameron
            >>>
            >>>
            >>> --------------------------------------------------------
            >>> David Cameron - VE7LTD
            >>> IRLP System Designer - http://www.irlp.net
            >>>
            >>> -----Original Message-----
            >>> From: "stevenclary"<steve_clary@...>
            >>> Sender: irlp-embedded@yahoogroups.com
            >>> Date: Wed, 01 Jun 2011 12:45:28
            >>> To:<irlp-embedded@yahoogroups.com>
            >>> Reply-To: irlp-embedded@yahoogroups.com
            >>> Subject: [irlp-embedded] Re: Security upgrades required
            >>>
            >>> I will attempt to obtain more information about the actual risk. In the meantime, I will just turn off Apache - but can you tell me what the remote admin is, and how to turn it off? (It's been a while since I've done aything with IRLP).
            >>>
            >>> --- In irlp-embedded@yahoogroups.com, "David Cameron"<dcameron@> wrote:
            >>>>
            >>>> I will have to look into a viable process to do this upgrade. The short answer would be to download the update tar package from Slackware and overwrite the current setup with the update package.
            >>>>
            >>>> Note that the PHP used is just the PHP interpreter that comes with apache.
            >>>>
            >>>> Do you have information on the risks you can forward?
            >>>>
            >>>> Also, are you using the remote admin portion of your node? If not, then you can safely turn off apache.
            >>>>
            >>>> Dave
            >>>> --------------------------------------------------------
            >>>> David Cameron - VE7LTD
            >>>> IRLP System Designer - http://www.irlp.net
            >>>>
            >>>> -----Original Message-----
            >>>> From: "stevenclary"<steve_clary@>
            >>>> Sender: irlp-embedded@yahoogroups.com
            >>>> Date: Tue, 31 May 2011 15:37:29
            >>>> To:<irlp-embedded@yahoogroups.com>
            >>>> Reply-To: irlp-embedded@yahoogroups.com
            >>>> Subject: [irlp-embedded] Security upgrades required
            >>>>
            >>>> Hello,
            >>>> I am looking for instructions to upgrade PHP and Apache on our embedded node.
            >>>>
            >>>> Our institution recognizes the the current version as a risk.
            >>>>
            >>>> Can anyone get me pointed in the right direction?
            >>>>
            >>>> Steve
            >>>>
            >>>
            >>>
            >>>
            >>
            >
            >
            >
          Your message has been successfully submitted and would be delivered to recipients shortly.