Date:  Sat, 9 Sep 2006 18:14:58 -0400
From:  "Brian N. Smith" <brian (at mark) nuonce.net>
Subject:  [coba-e:06809] Re: /TMP Directory
To:  <coba-e (at mark) bluequartz.org>
Message-Id:  <007f01c6d45d$635f8810$1e64a8c0@moe>
References:  <002701c6d450$c0c58480$6400a8c0@YOUR4105E587B6>
X-Mail-Count: 06809

> just want to make sure the /TMP security is enabled where files 
> can't be run
> there.  While I don't think the DDOS attack was successful in 
> running the
> script, it was successful in shutting down the serer due to MySQL 
> becoming

[root@bq1 ~]# mount | grep "/tmp"
/dev/md2 on /tmp type ext3 (rw,noexec,nosuid)

If your output looks like mine, your good.  Your looking for

(rw,noexec,nosuid)

If it isn't there, you can do this;

# Remount /tmp to be non-executable!
/usr/bin/perl -pi -e "if (/\/tmp/) { s/defaults/noexec,nosuid,rw/ }" 
/etc/fstab
/bin/mount -o remount /tmp

Thanks!
Brian