Homemade Dot-Mac with OS X
Subject:   Re: This article is DANGEROUS!
Date:   2006-02-11 03:03:23
From:   Donaldo
Response to: Re: This article is DANGEROUS!

What this article really should have mentioned was to get an up-to-date version of Apache. Apache is very secure. It sounds however like the hacker acquired priveleges greater than what should be allocated to Apache, suggesting that Apple's out-of-the-box configuration of Apache for your system, npenny, was poor. This is in addition to your Apache being out-of-date.

Alan: A firewall wouldn't have helped if npenny's computer was compromised through Apache, which based on what he mentioned in his post, it probably was.

Readers: A firewall only blocks other systems on your network from accessing not-explicitly-exposed applications and services running on your system. This way every application is by default inaccessible, and if there is a vulnerability in one of them, they cannot be accessed by anyone on the other side of your firewall. If you want people to access your web server or any other application or service, then you must expose it to the internet, nullifying the effect of the firewall for that particular application / service.