It's not a solution for every box. Personally, I uninstall ssh, telnet, ftp, etc. if unneeded on production boxes and I've never had any issues with system stability. What package management system are you using?
It's part of the usual, "if you don't need functionality X, remove it" approach. Better to catch it in mod_security, but then you can't have a message board where people are discussing wget exploits.
It's intended to be a fall back in case you don't get your system patched, or in case of a 0-day. Having said that, I do believe blocking common vectors is good practice - specially where you have others writing the PHP code that lives on your server.
It's part of the usual, "if you don't need functionality X, remove it" approach. Better to catch it in mod_security, but then you can't have a message board where people are discussing wget exploits.
It's intended to be a fall back in case you don't get your system patched, or in case of a 0-day. Having said that, I do believe blocking common vectors is good practice - specially where you have others writing the PHP code that lives on your server.
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/infocus/1871/669#669