[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-security] OpenSSL Worm in the wild....

Subject: RE: [cobalt-security] OpenSSL Worm in the wild....
From: "Terrance Dwyer" <td@xxxxxxxx>
Date: Sun, 15 Sep 2002 12:43:31 -0700
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Don't think this fix works with Raq's with Apache 1.3.6.  See earlier R.
Milne's "Changing the Apache Banner" in this list suggesting adding this
line.  My RaQ3 has all patches and still reports 1.3.6. 

Thanks 
T. Dwyer
Wild Woods Inc. 

-----Original Message-----
From: cobalt-security-admin@xxxxxxxxxxxxxxx
[mailto:cobalt-security-admin@xxxxxxxxxxxxxxx] On Behalf Of Rick Ewart
Sent: Friday, September 13, 2002 6:54 PM
To: cobalt-security@xxxxxxxxxxxxxxx
Subject: [cobalt-security] OpenSSL Worm in the wild....

Perhaps I am stiring up something that isn't a problem, but I don't
think
so.... Read the items below....

Looks like everyone better at least minimize the info given out by the
Server... To do so:
edit /etc/httpd/conf/httpd.conf
and add the following line:
ServerTokens ProductOnly

References:
- [cobalt-security] OpenSSL Worm in the wild....
  - From: Rick Ewart

Prev by Date: Re: [cobalt-security] OpenSSL Worm in the wild....
Next by Date: Re: [cobalt-security] OpenSSL Worm in the wild....
Previous by thread: Re: [cobalt-security] OpenSSL Worm in the wild....
Next by thread: Re: [cobalt-security] OpenSSL Worm in the wild....

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index