Vulnerabilities
 

Hi all,

I'm new at LQ. I recently joined a company and have been asked to manage a Linux box (RHEL 5), which is a web server (Apache2).

The PCI compliance scan for this web server indicates that Weak Supported SSL Cipher Suites and SSLv2 detection on ports 443, 465, 993, 995, 8443.

Another one is an unknown application on tcp port 1040.

Also there are many other issues being indicated in the report.

Thanks in advance for helping me to resolve the vulnerabilities.

Xavier.

Welcome to LQ. Hope you like it here.

Congratulations! If you haven't already, I should point out that RHEL comes with good administration documentation you should find the time to read.


There's two related directives in httpd.conf governing this: SSLProtocol and SSLCipherSuite. Example:
SSLProtocol -all +TLSv1 +SSLv3
SSLCipherSuite HIGH:MEDIUM:!aNULL:+SHA1:+MD5:+HIGH:+MEDIUM
For more information see http://httpd.apache.org/docs/2.0/mod...sslciphersuite


There's multiple ways to find out as root from running 'lsof -P -n -i :1040 to 'fuser -n 1040' to the lesser efficient 'netstat -anpe|grep 1040'.
Also see 'getent services 1040' for any existing service definitions.


Please note that talking about errors or situations does not equal posting information about them (log lines, errors).

Thanks for the information Moderator.

I will try to get logs/errors/code in future posts.

You're welcome. Just attach logging if you got any now.

Because you have not posted any more vulnerabilities to look at (your "Also there are many other issues being indicated in the report." line) I take it your list is either exhausted or you do not want to discuss them here. Since configuring SSL in essence is a configuration task I have moved your posts and replies to its own thread in the Linux Software forum aptly called Please help with configuring SSL in Apache2.