On Thu, May 28, 2009 at 1:39 PM, Harold Hallikainen wrote:
> By the way, I see a lot of requests for
> ../../../../etc/passwd on my server logs. I have a script that blocks the
> IP address of people that try to do that (along with a bunch of other
> things).
>

On a secure system they won't get anything particular from that file -- if your server is configured correctly you cannot get any files that do not belong to the wwwroot. And of course on most modern unix/linux you will have shadow passwords, so even if they could get that file they will not be able to do an offline dictionary or brute force attack. They could get the user names out of it so they could try to do it online, but again then your system should be able to block these. And of course you should never enter real names and phone numbers or any valuable information into the passwd file, so that it will be hard to do the old style of social engineering either.

BTW: What are you doing with the IP addresses that are coming from a provider that gives the IPs dynamically to their users?

Tamas
--
http://www.mcuhobby.com
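The point made in the reply above, that a correctly configured server cannot hand out files that do not belong to the wwwroot, shown as an added example that is not part of the original message. The function name, the directory layout and the sample requests are constructed for illustration.

```python
import os
import tempfile
from urllib.parse import unquote


def resolve_under_root(wwwroot, request_target):
    """Map a request target to a file path, or return None if it leaves wwwroot."""
    root = os.path.realpath(wwwroot)
    # Drop the query string, then undo percent-encoding once.
    url_path = unquote(request_target.partition("?")[0])
    if "\x00" in url_path:
        return None
    # Strip leading slashes so an absolute path cannot replace the root in join().
    candidate = os.path.realpath(os.path.join(root, url_path.lstrip("/")))
    # realpath collapsed ".." and followed symlinks. Compare whole path components,
    # not string prefixes, so "wwwroot-old" is not mistaken for "wwwroot".
    if os.path.commonpath([root, candidate]) != root:
        return None
    return candidate


def demo():
    """Check constructed requests against a throwaway web root; True means served."""
    with tempfile.TemporaryDirectory() as tmp:
        wwwroot = os.path.join(tmp, "wwwroot")
        os.makedirs(os.path.join(wwwroot, "docs"))
        os.makedirs(os.path.join(tmp, "wwwroot-old"))
        with open(os.path.join(wwwroot, "docs", "index.html"), "w") as fh:
            fh.write("<p>hello</p>")
        # A symlink inside the root that points outside it (constructed case).
        os.symlink(tmp, os.path.join(wwwroot, "escape"))
        requests = [
            "/docs/index.html",
            "/docs/../docs/index.html?x=1",
            "/../../../../etc/passwd",
            "/docs/%2e%2e/%2e%2e/etc/passwd",
            "/../wwwroot-old/secret.txt",
            "/escape/wwwroot-old/secret.txt",
        ]
        return {r: resolve_under_root(wwwroot, r) is not None for r in requests}


if __name__ == "__main__":
    for target, served in demo().items():
        print("serve " if served else "reject", target)
```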