LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 06-25-2004, 12:12 AM   #1
RickHDYoung
LQ Newbie
 
Registered: Jun 2004
Location: Sydney, Australia
Distribution: RedHat
Posts: 1

Rep: Reputation: 0
Question Apache/SSL - works with Windows client but not Linux client


Not sure if this should be a Security Forum Q or a Network Forum Q but here goes:

We have an Apache webserver protected by an appliance firewall (Symantec VelociRaptor). I can successfully access SSL pages on this server through the firewall using a Windoze client but cannot access the same pages through the firewall using a Linux client (using the same client IP address). The Linux client can successfully access the pages when the firewall is not in the way. Clearly the firewall is successfully passing 443 since the Windoze client works.

Symptoms are that Mozilla pops up a box about the certificate authority (does this at both locations and this is quite reasonable) then when you acknowlege this is "stalls" for a long time then pops up a box saying "connection terminated abnormally. Some data may have been transferred". Packet capture shows the client repeatedly PUSHing what seems to be the same packet and the server repeatedly ack'ing this sequence number.

I'm kind of guessing that the firewall may be altering the packet some way as it passes it and that Linux/Mozilla can't handle the change.

Has anyone else struck this? If so do they have any ideas as to what the firewall may be doing to stuff up the linux client (the firewall is linux-based BTW so it isn't sabotage by Uncle Bill ).

Any ideas appreciated.
Thanx
Rick
 
Old 07-01-2004, 04:02 PM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 26,953
Blog Entries: 54

Rep: Reputation: 2732Reputation: 2732Reputation: 2732Reputation: 2732Reputation: 2732Reputation: 2732Reputation: 2732Reputation: 2732Reputation: 2732Reputation: 2732Reputation: 2732
Since you established SSL "works" (which is functionality that provides some form of secured access, not a security issue) this ain't a Linux - Security forum question by my std's. I would suggest two things: testing with more (preferably non-mozilla) Linux clients. If those tests succeed, then in the case it appears to be network munging by the Raptor you should be heading for either Symantec support (as you payed for the package, right?) or something like experts-exchange. After all it's not we don't wanna help, but this community is somewhat centered around Linux.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
ftp client with ssl support? Emanon Linux - Software 3 10-26-2006 02:28 PM
Apache, SSL, autentication and third party client certificates bezoomny Linux - Security 1 10-13-2005 07:28 AM
can not connect to my pureftp server from Linux client, but i can from windows client bonito Suse/Novell 5 03-16-2005 09:45 PM
implicit ssl ftp client jwijesundra Linux - General 0 01-19-2005 08:48 AM
linux router only works with one client at a time... badday Linux - Networking 3 09-25-2003 04:58 AM


All times are GMT -5. The time now is 08:59 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration