Re: [Snort-users] WEB-MISC httpd directory traversal

----- Original Message -----
From: "Everett Littles" <bigtony@mac.com>
To: <Snort-users@lists.sourceforge.net>
Sent: Tuesday, March 01, 2005 8:48 PM
Subject: [Snort-users] WEB-MISC httpd directory traversal


> I've been noticing a lot of these "WEB-MISC httpd directory traversal"
> alerts. Is this something that I should even worry about if my Apache
> is up to date (1.3.33)? I checked the signature on this, but the
> corrective action seems pretty non-descriptive. It just says to apply
> to vendor supplied patches. It also does not list the affected
> systems. Just trying to make some sense of this.

What this usually means is that in your httpd.conf, you have a 'Indexes' or
'+Indexes'
defined for areas where you are serving files. The end result is that if a
given directory
does NOT have a index.htm, index.html, default.htm, default.html located
within it, it will
generate a directory style listing of the files within the directory (in
some cases, this can
be a VERY bad thing). What you want to do is review the content of your web
server
and directories which are lacking a index.htm should have one added, or you
can simply
remove the 'Indexes' or '+Indexes' from the httpd.conf (make a backup of
this file before
proceeding).

Bill



-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/...fo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.p...st=snort-users