[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] CERT Advisory a few things I did
- Subject: Re: [cobalt-users] CERT Advisory a few things I did
- From: "Manuel Noriega" <cobalt@xxxxxxxxxxxxxxxxxxxxx>
- Date: Tue Sep 17 09:07:01 2002
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
> >I did this on both RAQ3 and 4
>
> >maybe this will help somone the
>
> >
>
> >Disable gcc except for root
>
> >
>
> >chmod 700 /usr/bin/gcc
>
> >
>
> >Make Apache banner show min data
>
> >
>
> >cp /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf.bak
>
> >pico -w /etc/httpd/conf/httpd.conf
>
> >and
>
> >#added to remove banner 16/09/2002
>
> >ServerTokens Min
>
> >
>
> >Turn off SSLv2
>
> >
>
> >and at
>
> ># global ssl setup
>
> ><IfModule mod_ssl.c>
>
> >add
>
> >
>
> >SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:!SSLv2:+EXP
>
> >
>
> >
>
> >/etc/rc.d/init.d/httpd restart
>
> >
>
> >
>
> >Do same on admin serv
>
> >
>
> >
>
> >on adminserv
>
> >cp /etc/admserv/conf/ssl.conf /etc/admserv/conf/ssl.conf.bak
>
> >cp /etc/admserv/conf/httpd.conf /etc/admserv/conf/httpd.conf.bak
>
> >
>
> >pico -w /etc/admserv/conf/ssl.conf
>
> >
>
> >!SSLv2 and unhash that line
>
> >
>
> >pico -w /etc/admserv/conf/httpd.conf
>
> >
>
> >
>
> >#added to remove banner 16/09/2002
>
> >ServerTokens Min
>
> >
>
> >
>
> >
>
> >/etc/rc.d/init.d/admserv restart
>
> >>
>
>
I modified the httpd and admserv files, but received the following message
after restarting the admserv.
Stopping admin web server: ahttpd
Starting admin web server:
Invalid certificates for main site -- Not starting SSL
/usr/sbin/httpd
Is this normal? Or do I need to do something else?
Thanks,
Manuel