[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-users] CERT Advisory a few things I did

Subject: [cobalt-users] CERT Advisory a few things I did
From: Craig St George <craig@xxxxxxxxxxxxx>
Date: Sun Sep 15 14:24:00 2002
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

I did this on both RAQ3 and 4
maybe this will help somone the

Disable gcc except for root

chmod 700 /usr/bin/gcc

Make Apache banner show min data

cp /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf.bak
pico -w /etc/httpd/conf/httpd.conf
and
#added to remove banner 16/09/2002
ServerTokens Min

Turn off SSLv2

and at
# global ssl setup
<IfModule mod_ssl.c>
add

SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:!SSLv2:+EXP


/etc/rc.d/init.d/httpd restart


Do same on admin serv


on adminserv
cp /etc/admserv/conf/ssl.conf /etc/admserv/conf/ssl.conf.bak
cp /etc/admserv/conf/httpd.conf /etc/admserv/conf/httpd.conf.bak

pico -w /etc/admserv/conf/ssl.conf

!SSLv2  and unhash that line

pico -w /etc/admserv/conf/httpd.conf


#added to remove banner 16/09/2002
ServerTokens Min

/etc/rc.d/init.d/admserv restart

Follow-Ups:
- Re: [cobalt-users] CERT Advisory a few things I did
  - From: Dave Thurman (Mailing List Email)

Prev by Date: Re: [cobalt-users] Can't get administer a Qube after a reinstall
Next by Date: Re: [cobalt-users] Re: is this what we've been discussing - CERT Advisory CA-2002-27 Apache/mod_ssl Worm
Previous by thread: [cobalt-users] Apache OpenSSL vuln fix?
Next by thread: Re: [cobalt-users] CERT Advisory a few things I did

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index