LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 07-20-2009, 09:29 PM   #1
alxasamy
LQ Newbie
 
Registered: Jul 2009
Location: Mumbai, India
Distribution: CentOS 5.5, RHEL5
Posts: 7

Rep: Reputation: 0
Vulnerabilities


Hi all,

I'm new at LQ. I recently joined a company and have been asked to manage a Linux box (RHEL 5), which is a web server (Apache2).

The PCI compliance scan for this web server indicates that Weak Supported SSL Cipher Suites and SSLv2 detection on ports 443, 465, 993, 995, 8443.

Another one is an unknown application on tcp port 1040.

Also there are many other issues being indicated in the report.

Thanks in advance for helping me to resolve the vulnerabilities.

Xavier.
 
Old 07-21-2009, 06:52 AM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,458
Blog Entries: 54

Rep: Reputation: 2897Reputation: 2897Reputation: 2897Reputation: 2897Reputation: 2897Reputation: 2897Reputation: 2897Reputation: 2897Reputation: 2897Reputation: 2897Reputation: 2897
Welcome to LQ. Hope you like it here.

Quote:
Originally Posted by alxasamy View Post
I recently joined a company and have been asked to manage a Linux box (RHEL 5), which is a web server (Apache2).
Congratulations! If you haven't already, I should point out that RHEL comes with good administration documentation you should find the time to read.


Quote:
Originally Posted by alxasamy View Post
The PCI compliance scan for this web server indicates that Weak Supported SSL Cipher Suites and SSLv2 detection on ports 443, 465, 993, 995, 8443.
There's two related directives in httpd.conf governing this: SSLProtocol and SSLCipherSuite. Example:
SSLProtocol -all +TLSv1 +SSLv3
SSLCipherSuite HIGH:MEDIUM:!aNULL:+SHA1:+MD5:+HIGH:+MEDIUM
For more information see http://httpd.apache.org/docs/2.0/mod...sslciphersuite


Quote:
Originally Posted by alxasamy View Post
Another one is an unknown application on tcp port 1040.
There's multiple ways to find out as root from running 'lsof -P -n -i :1040 to 'fuser -n 1040' to the lesser efficient 'netstat -anpe|grep 1040'.
Also see 'getent services 1040' for any existing service definitions.


Quote:
Originally Posted by alxasamy View Post
Also there are many other issues being indicated in the report.
Please note that talking about errors or situations does not equal posting information about them (log lines, errors).
 
Old 07-22-2009, 10:45 AM   #3
alxasamy
LQ Newbie
 
Registered: Jul 2009
Location: Mumbai, India
Distribution: CentOS 5.5, RHEL5
Posts: 7

Original Poster
Rep: Reputation: 0
Thanks for the information Moderator.

I will try to get logs/errors/code in future posts.
 
Old 07-22-2009, 04:27 PM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,458
Blog Entries: 54

Rep: Reputation: 2897Reputation: 2897Reputation: 2897Reputation: 2897Reputation: 2897Reputation: 2897Reputation: 2897Reputation: 2897Reputation: 2897Reputation: 2897Reputation: 2897
You're welcome. Just attach logging if you got any now.
 
Old 07-25-2009, 06:51 AM   #5
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,458
Blog Entries: 54

Rep: Reputation: 2897Reputation: 2897Reputation: 2897Reputation: 2897Reputation: 2897Reputation: 2897Reputation: 2897Reputation: 2897Reputation: 2897Reputation: 2897Reputation: 2897
Because you have not posted any more vulnerabilities to look at (your "Also there are many other issues being indicated in the report." line) I take it your list is either exhausted or you do not want to discuss them here. Since configuring SSL in essence is a configuration task I have moved your posts and replies to its own thread in the Linux Software forum aptly called Please help with configuring SSL in Apache2.
 
  


Reply

Tags
apache2, pci, vulnerability


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Vulnerabilities in Cups phil66 Linux - Software 1 10-12-2008 12:12 PM
X11 vulnerabilities? GazL Slackware 7 07-01-2008 09:36 PM
IE Vulnerabilities, why not in other browsers? mandrakemikael Linux - Security 3 09-28-2004 11:43 AM
sendmail vulnerabilities odious1 Linux - Security 5 11-17-2003 09:06 AM
More BIND vulnerabilities jeremy Linux - Security 0 01-31-2001 08:29 PM


All times are GMT -5. The time now is 01:34 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration