Re: [cobalt-security] /tmp/-v ?
- Subject: Re: [cobalt-security] /tmp/-v ?
- From: shimi <shimi@xxxxxxxxxxxxxxxx>
- Date: Tue, 29 May 2001 00:45:45 -0700 (PDT)
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
On Mon, 28 May 2001, Gerald Waugh wrote:
> > On Sun, 27 May 2001, Gerald Waugh wrote:
> <snip>
> > > With SSL:
> > > admserv listening on ports 81, 444, normal httpd listening on port 80, and 443.
> > > Without SSL:
> > > admserv listening on ports 81,and 444, normal httpd listening on port 80.
> > > Is this correct?
>
> On Monday, May 28, 2001 4:30 PM "shimi" <shimi@xxxxxxxxxxxxxxxx> wrote
> > because my URL is https://www.domain.com:81/blablabla
> >
> > I believe that the : who states the port bypasses all defaults... besides,
> > if admserv listens on the normal httpd's security (ssl) port, where is
> > httpd (normal) listens? think about it :)
> >
> > I believe admserv always listens on 81, and serves SSL if an SSL cert is
> > installed. I might be wrong, of course :0
> >
> > - shimi.
>
> From /etc/admserv/conf/httpd.conf
> line 282 Listen 81
> line 283 Listen 444
> Tells me that admserv-httpd is listening on ports 81 and 444
>
> From /etc/httpd/conf/httpd.conf
> line 86 Port 80
> Tells me that httpd is listening on port 80
> line 339 if (/^<\/Virtual/ and (-f "/etc/httpd/ssl/$group")) {
> line 340 $ret = ssl_cert_check("/home/sites/$group/certs/");
> line 341 if ($ret=~/^2/o) {
> line 342 $PerlConfig .= "Listen $ip:443\n";
> line 343 $PerlConfig .= "<VirtualHost $ip:443>\n";
> Tells me that if VirtualHost is SSL then
> httpd also listens on port 443
> Gerald
>
>
I see.
Well I just connected to my RaQ as http://www.domain.com/admin. That went
through my webcaching. Then I was 302 redirected to
https://www.domain.com:81/.cobalt/sysManage/index.html
I saw a connection to port 81 in netstat, and then the authentication
came, I entered the details, and from netstat:
tcp 0 72 ras1-p89.tlv.netv:33991 www.domain.com:81 ESTABLISHED
tcp 0 72 ras1-p89.tlv.netv:33989 www.domain.com:81 ESTABLISHED
tcp 0 0 ras1-p89.tlv.netv:33987 www.domain.com:81 ESTABLISHED
clearly the second port isn't used. (444)
my raq doesn't listen to that port at all, and to tell you the truth I
have no idea why should it... https:// with no port goes to 443. to get to
444 you'll need to type that manually, and :81 already does that. perhaps
it's different in raq3 than other raqs, but to the best of my
understanding, they all connect to port 81...
Also, I'll add that according to /etc/services:
[shimi@www shimi]$ cat /etc/services | grep 444/
snpp 444/tcp # Simple Network Paging Protocol
snpp 444/udp # Simple Network Paging Protocol
which I'm not sure what it is now but it's definitely not web...
- shimi.
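
Added example (not part of the original message and not Cobalt's code): a Python check that compares the Listen/Port directives quoted in this thread with the sockets actually in LISTEN state, which is the discrepancy being discussed. The config and netstat samples are constructed, and the function names are hypothetical.

```python
import re

# Constructed sample inputs modelled on the directives quoted in the thread.
ADMSERV_CONF = "Listen 81\nListen 444\n"
HTTPD_CONF = 'Port 80\n$PerlConfig .= "Listen $ip:443\\n";\n'
NETSTAT = """\
Proto Recv-Q Send-Q Local Address  Foreign Address State
tcp   0      0      0.0.0.0:80     0.0.0.0:*       LISTEN
tcp   0      0      0.0.0.0:81     0.0.0.0:*       LISTEN
tcp   0      0      10.0.0.5:443   0.0.0.0:*       LISTEN
"""

# Static directive: "Listen 81", "Listen 10.0.0.5:443", "Port 80".
DIRECTIVE = re.compile(r'^\s*(?:Listen|Port)\s+(?:\S+:)?(\d+)\s*$', re.I)
# Directive emitted by embedded Perl, e.g. "Listen $ip:443"; only active
# when the surrounding condition (an SSL cert is present) holds.
DYNAMIC = re.compile(r'["\']Listen\s+\$\w+:(\d+)')

def configured_ports(conf_text):
    """Return (static, dynamic) sets of ports named in an Apache config."""
    static, dynamic = set(), set()
    for line in conf_text.splitlines():
        if line.lstrip().startswith('#'):
            continue  # commented-out directives do not bind anything
        m = DIRECTIVE.match(line)
        if m:
            static.add(int(m.group(1)))
        elif (m := DYNAMIC.search(line)):
            dynamic.add(int(m.group(1)))
    return static, dynamic

def listening_ports(netstat_text):
    """Return TCP ports in LISTEN state from `netstat -ltn` style output."""
    ports = set()
    for line in netstat_text.splitlines():
        f = line.split()
        if len(f) >= 6 and f[0].startswith('tcp') and f[5] == 'LISTEN':
            ports.add(int(f[3].rsplit(':', 1)[1]))
    return ports

def audit(confs, netstat_text):
    """Report mismatches between configured and live listening ports."""
    static, dynamic = set(), set()
    for text in confs:
        s, d = configured_ports(text)
        static |= s
        dynamic |= d
    live = listening_ports(netstat_text)
    return {'configured_not_listening': sorted(static - live),
            'listening_not_configured': sorted(live - static - dynamic),
            'conditional': sorted(dynamic)}
```

On the constructed sample, port 444 is reported as configured but not listening, and 443 as conditional on the Perl block.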