Bezbedan Balkan Bezbednost državnih resursa Neadekvatno zaštićeni resursi v
napa.gov.rs - leek internal IP (fixovano)

Threaded Mode
napa.gov.rs - leek internal IP (fixovano)
y0d4 Away
/dev/null
*******
Posts: 330
Threads: 85
Joined: Sep 2022
Reputation: 109
#1
11-19-2022, 10:53 PM (This post was last modified: 11-19-2022, 10:56 PM by y0d4.)
lms.napa.gov.rs leakovan internal IP
https://leakix.net/domain/lms.napa.gov.rs
al deluje da je fixed jer ima last seen, tako da treba traziti doticnim da se skloni propust sa spiska, zbog IP adrese


zasto ovo kacim?
da se vidi da internet sve pamti, pa je pozeljno da nikada ne dodje do ovakvih propusta, kako ne bi internet zapamtio neke sensitive data...
Be critical thinker!
Find
Reply
1van Offline
Posting Freak
*****
Posts: 1,728
Threads: 664
Joined: Sep 2022
Reputation: 126
#2
11-20-2022, 12:48 PM (This post was last modified: 11-20-2022, 12:58 PM by 1van. Edit Reason: Typo. )
I to nije problem samo IP adresa na server-status stranici, već mogu da se vide verzije, putanje koje drugačije nije moguće videti, kao i npr. da je korišćen Mac za upload podataka (.DS_Store).

Arhivirano: https://archive.ph/aYPrx

[Image: attachment.php?aid=266]

Preporuke: Skloniti server-status URL, apdejtovati Apache i PHP, i skloniti sve nepotrebne fajlove koje odaju informacije.


Attached Files Image(s)
   
“If you think you are too small to make a difference, try sleeping with a mosquito.” - Dalai Lama XIV
Website Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)