Loading ...
Sorry, an error occurred while loading the content.

Re: [irlp-embedded] Re: Security upgrades required

Expand Messages
  • David Cameron (IRLP)
    I have had a chance to sit at my computer and find the line you have to change: export USE_IRLP_WEBADMIN=YES need to be export USE_IRLP_WEBADMIN=NO Save the
    Message 1 of 7 , Jun 1, 2011
    • 0 Attachment
      I have had a chance to sit at my computer and find the line you have to
      change:

      export USE_IRLP_WEBADMIN=YES

      need to be

      export USE_IRLP_WEBADMIN=NO

      Save the file, then run flash_sync, and reboot your node.

      Dave Cameron
      VE7LTD

      On 6/1/2011 9:49 AM, David Cameron wrote:
      > In the file
      >
      > /home/irlp/features/features.env
      >
      > You can disable the remote admin by changing the YES to a NO on the line which mentions remote admin.
      > Don't forget to run
      >
      > flash_sync
      >
      > and then reboot.
      >
      > Dave Cameron
      >
      >
      > --------------------------------------------------------
      > David Cameron - VE7LTD
      > IRLP System Designer - http://www.irlp.net
      >
      > -----Original Message-----
      > From: "stevenclary"<steve_clary@...>
      > Sender: irlp-embedded@yahoogroups.com
      > Date: Wed, 01 Jun 2011 12:45:28
      > To:<irlp-embedded@yahoogroups.com>
      > Reply-To: irlp-embedded@yahoogroups.com
      > Subject: [irlp-embedded] Re: Security upgrades required
      >
      > I will attempt to obtain more information about the actual risk. In the meantime, I will just turn off Apache - but can you tell me what the remote admin is, and how to turn it off? (It's been a while since I've done aything with IRLP).
      >
      > --- In irlp-embedded@yahoogroups.com, "David Cameron"<dcameron@...> wrote:
      >>
      >> I will have to look into a viable process to do this upgrade. The short answer would be to download the update tar package from Slackware and overwrite the current setup with the update package.
      >>
      >> Note that the PHP used is just the PHP interpreter that comes with apache.
      >>
      >> Do you have information on the risks you can forward?
      >>
      >> Also, are you using the remote admin portion of your node? If not, then you can safely turn off apache.
      >>
      >> Dave
      >> --------------------------------------------------------
      >> David Cameron - VE7LTD
      >> IRLP System Designer - http://www.irlp.net
      >>
      >> -----Original Message-----
      >> From: "stevenclary"<steve_clary@...>
      >> Sender: irlp-embedded@yahoogroups.com
      >> Date: Tue, 31 May 2011 15:37:29
      >> To:<irlp-embedded@yahoogroups.com>
      >> Reply-To: irlp-embedded@yahoogroups.com
      >> Subject: [irlp-embedded] Security upgrades required
      >>
      >> Hello,
      >> I am looking for instructions to upgrade PHP and Apache on our embedded node.
      >>
      >> Our institution recognizes the the current version as a risk.
      >>
      >> Can anyone get me pointed in the right direction?
      >>
      >> Steve
      >>
      >
      >
      >
    • stevenclary
      Thanks Dave! I went to make the change only to realize the VI is not on the machine. Frustrated...
      Message 2 of 7 , Jun 2, 2011
      • 0 Attachment
        Thanks Dave!

        I went to make the change only to realize the VI is not on the machine. Frustrated...



        --- In irlp-embedded@yahoogroups.com, "David Cameron (IRLP)" <dcameron@...> wrote:
        >
        > I have had a chance to sit at my computer and find the line you have to
        > change:
        >
        > export USE_IRLP_WEBADMIN=YES
        >
        > need to be
        >
        > export USE_IRLP_WEBADMIN=NO
        >
        > Save the file, then run flash_sync, and reboot your node.
        >
        > Dave Cameron
        > VE7LTD
        >
        > On 6/1/2011 9:49 AM, David Cameron wrote:
        > > In the file
        > >
        > > /home/irlp/features/features.env
        > >
        > > You can disable the remote admin by changing the YES to a NO on the line which mentions remote admin.
        > > Don't forget to run
        > >
        > > flash_sync
        > >
        > > and then reboot.
        > >
        > > Dave Cameron
        > >
        > >
        > > --------------------------------------------------------
        > > David Cameron - VE7LTD
        > > IRLP System Designer - http://www.irlp.net
        > >
        > > -----Original Message-----
        > > From: "stevenclary"<steve_clary@...>
        > > Sender: irlp-embedded@yahoogroups.com
        > > Date: Wed, 01 Jun 2011 12:45:28
        > > To:<irlp-embedded@yahoogroups.com>
        > > Reply-To: irlp-embedded@yahoogroups.com
        > > Subject: [irlp-embedded] Re: Security upgrades required
        > >
        > > I will attempt to obtain more information about the actual risk. In the meantime, I will just turn off Apache - but can you tell me what the remote admin is, and how to turn it off? (It's been a while since I've done aything with IRLP).
        > >
        > > --- In irlp-embedded@yahoogroups.com, "David Cameron"<dcameron@> wrote:
        > >>
        > >> I will have to look into a viable process to do this upgrade. The short answer would be to download the update tar package from Slackware and overwrite the current setup with the update package.
        > >>
        > >> Note that the PHP used is just the PHP interpreter that comes with apache.
        > >>
        > >> Do you have information on the risks you can forward?
        > >>
        > >> Also, are you using the remote admin portion of your node? If not, then you can safely turn off apache.
        > >>
        > >> Dave
        > >> --------------------------------------------------------
        > >> David Cameron - VE7LTD
        > >> IRLP System Designer - http://www.irlp.net
        > >>
        > >> -----Original Message-----
        > >> From: "stevenclary"<steve_clary@>
        > >> Sender: irlp-embedded@yahoogroups.com
        > >> Date: Tue, 31 May 2011 15:37:29
        > >> To:<irlp-embedded@yahoogroups.com>
        > >> Reply-To: irlp-embedded@yahoogroups.com
        > >> Subject: [irlp-embedded] Security upgrades required
        > >>
        > >> Hello,
        > >> I am looking for instructions to upgrade PHP and Apache on our embedded node.
        > >>
        > >> Our institution recognizes the the current version as a risk.
        > >>
        > >> Can anyone get me pointed in the right direction?
        > >>
        > >> Steve
        > >>
        > >
        > >
        > >
        >
      • David Cameron (IRLP)
        How old is the embedded node - There should be a program called elvis which is symbolic linked to VI. It is a small vi clone. nano is installed as the editor
        Message 3 of 7 , Jun 2, 2011
        • 0 Attachment
          How old is the embedded node - There should be a program called elvis
          which is symbolic linked to VI. It is a small vi clone.

          nano is installed as the editor of choice for most embedded owners.

          Dave Cameron

          On 6/2/2011 1:15 PM, stevenclary wrote:
          > Thanks Dave!
          >
          > I went to make the change only to realize the VI is not on the machine. Frustrated...
          >
          >
          >
          > --- In irlp-embedded@yahoogroups.com, "David Cameron (IRLP)"<dcameron@...> wrote:
          >>
          >> I have had a chance to sit at my computer and find the line you have to
          >> change:
          >>
          >> export USE_IRLP_WEBADMIN=YES
          >>
          >> need to be
          >>
          >> export USE_IRLP_WEBADMIN=NO
          >>
          >> Save the file, then run flash_sync, and reboot your node.
          >>
          >> Dave Cameron
          >> VE7LTD
          >>
          >> On 6/1/2011 9:49 AM, David Cameron wrote:
          >>> In the file
          >>>
          >>> /home/irlp/features/features.env
          >>>
          >>> You can disable the remote admin by changing the YES to a NO on the line which mentions remote admin.
          >>> Don't forget to run
          >>>
          >>> flash_sync
          >>>
          >>> and then reboot.
          >>>
          >>> Dave Cameron
          >>>
          >>>
          >>> --------------------------------------------------------
          >>> David Cameron - VE7LTD
          >>> IRLP System Designer - http://www.irlp.net
          >>>
          >>> -----Original Message-----
          >>> From: "stevenclary"<steve_clary@...>
          >>> Sender: irlp-embedded@yahoogroups.com
          >>> Date: Wed, 01 Jun 2011 12:45:28
          >>> To:<irlp-embedded@yahoogroups.com>
          >>> Reply-To: irlp-embedded@yahoogroups.com
          >>> Subject: [irlp-embedded] Re: Security upgrades required
          >>>
          >>> I will attempt to obtain more information about the actual risk. In the meantime, I will just turn off Apache - but can you tell me what the remote admin is, and how to turn it off? (It's been a while since I've done aything with IRLP).
          >>>
          >>> --- In irlp-embedded@yahoogroups.com, "David Cameron"<dcameron@> wrote:
          >>>>
          >>>> I will have to look into a viable process to do this upgrade. The short answer would be to download the update tar package from Slackware and overwrite the current setup with the update package.
          >>>>
          >>>> Note that the PHP used is just the PHP interpreter that comes with apache.
          >>>>
          >>>> Do you have information on the risks you can forward?
          >>>>
          >>>> Also, are you using the remote admin portion of your node? If not, then you can safely turn off apache.
          >>>>
          >>>> Dave
          >>>> --------------------------------------------------------
          >>>> David Cameron - VE7LTD
          >>>> IRLP System Designer - http://www.irlp.net
          >>>>
          >>>> -----Original Message-----
          >>>> From: "stevenclary"<steve_clary@>
          >>>> Sender: irlp-embedded@yahoogroups.com
          >>>> Date: Tue, 31 May 2011 15:37:29
          >>>> To:<irlp-embedded@yahoogroups.com>
          >>>> Reply-To: irlp-embedded@yahoogroups.com
          >>>> Subject: [irlp-embedded] Security upgrades required
          >>>>
          >>>> Hello,
          >>>> I am looking for instructions to upgrade PHP and Apache on our embedded node.
          >>>>
          >>>> Our institution recognizes the the current version as a risk.
          >>>>
          >>>> Can anyone get me pointed in the right direction?
          >>>>
          >>>> Steve
          >>>>
          >>>
          >>>
          >>>
          >>
          >
          >
          >
        Your message has been successfully submitted and would be delivered to recipients shortly.