[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] Re: is this what we've been discussing - CERT Advisory CA-2002-27 Apache/mod_ssl Worm
- Subject: Re: [cobalt-users] Re: is this what we've been discussing - CERT Advisory CA-2002-27 Apache/mod_ssl Worm
- From: "Dave Thurman (Mailing List Email)" <listonly@xxxxxxxxxxxxxxxxxxxx>
- Date: Sun Sep 15 14:46:01 2002
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
on 9/15/02 4:25 PM, Gerald Waugh stated:
> On Sunday 15 September 2002 16:26, Dave Thurman (Mailing List Email) wrote:
>> on 9/15/02 2:21 PM, Gerald Waugh stated:
>>> How can you tell which openssl version apache (mod_ssl) is using?
>>>
>>> Gerald
>>
>> So would recompiling OpenSSL-0.9.5g using the --flags and tell it to do
>> --prefix=/usr/share/ssl actually install over the Sun/Cobalt openssl's
>> current version. I guess my question is where are the files on Cobalt when
>> a stock install is /usr/local/ssl?? This is surely not rocket scientist
>> stuff.
>>
>> Doing Netcraft, looking at the phpinfo file or a environment Perl script
>> all show the old one. So it must not be overwriting the proper files.
>
> SSL is compiled into libssl (mod_ssl)
>
> locate libssl
> /lib/libssl.so.0.9.6b
> /lib/libssl.so.2
> /usr/lib/apache/libssl.so
> /usr/local/ssl/lib/libssl.a
Isn't that badboy from the non-cobalt install??
--
Thanks!!
Dave Thurman
The Web Presence Group / www.webpresencegroup.net
Listonly <at> webpresencegroup.net / Spam Block 8^Q