HostedDinner Posted August 31, 2011 Posted August 31, 2011 I don't know if it is intented, but on http://www.stevie.heliohost.org/ and the IP of it http://65.19.143.2/ you can see the filelisting with some subfolders, which shouldn't be visible I guess
Piotr GRD Posted August 31, 2011 Posted August 31, 2011 For many months if not longer, I don't even remember when I've spot it for the first time.
jje Posted August 31, 2011 Posted August 31, 2011 It appears that the server's root is pointing to /home/djbob/public_html/ on Stevie. I'm not going to touch anything, so This support request is being escalated to our root admin.
Krydos Posted August 31, 2011 Posted August 31, 2011 Why not just drop an index file there that redirects to heliohost.org or something? Then djbob can fix or unfix it as he sees fit when he has a chance? I don't really see how that could hurt anything.
jje Posted August 31, 2011 Posted August 31, 2011 Good idea, Krydos. I have added an index.html to the directory which redirects to HelioHost.org.
Guest xaav Posted August 31, 2011 Posted August 31, 2011 This has always been the case; is this affecting your website or something?
Krydos Posted August 31, 2011 Posted August 31, 2011 I think he was just concerned that something might be broken, or it was a security vulnerability.
Guest xaav Posted August 31, 2011 Posted August 31, 2011 This support request is being escalated to our root admin. Why was it esclated then? How is it a security vulnerability? You won't be able to gain access to our server via any of those files.
Krydos Posted September 1, 2011 Posted September 1, 2011 Why was it esclated then? How is it a security vulnerability? You won't be able to gain access to our server via any of those files. You'd have to ask jje, but I'm guessing that based on this Good idea, Krydos. I have added an index.html to the directory which redirects to HelioHost.org. he hadn't thought to dropping a redirect index file in there so he escalated it? I didn't actually look at any of those files so I have no idea if the directory listing should be visible or not or if it presented any vulnerability or not. If you're certain there is no threat feel free to de-escalate this thread, or jje can do it. If nothing else this thread can be a note to djbob that basically just says, "Hey, we messed with the files in your stevie account a little. Hope it's all good."
jje Posted September 1, 2011 Posted September 1, 2011 @xaav - I escalated this because djbob might not want an index file there, and I just wanted to let him know that that's what I did. You can deescalate this if you want.
Piotr GRD Posted September 1, 2011 Posted September 1, 2011 xaav is right. It's not critical in any way. And it is available for long time, if something malicious could be done it would be done by someone already. Most interesting things I found (long time ago) with this are some mp3's (legal or not, djbob?... ;> ) and the couple of years old letter where djbob asks for some funds to buy/get new better server for HelioHost. : )
jje Posted September 1, 2011 Posted September 1, 2011 This support request is being deescalated from our root admin.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now