I miss y'all too (usually on days like today when I'm up at 3:30 catching a flight and have yet to figure out how to sleep on a plane LOL).....
Sorry about the "personal" messages on list :) On Mon, Apr 22, 2013 at 10:50 AM, Wilson, Brooks <brooks.wil...@atl.frb.org>wrote: > Dawn:**** > > ** ** > > Thanks! We miss you!**** > > ** ** > > Sincerely, Brooks**** > ------------------------------ > > Brooks Wilson | Senior Web Developer Programmer/Analyst > *Technology Solutions Services | **Application Delivery Services* > > Federal Reserve Bank of Atlanta | 1000 Peachtree Street, Atlanta, GA > 30309-4470**** > > Phone: 404.498.8178 | Fax: 404.498.8239 | Mobile: 404.985.9270**** > > Email: brooks.wil...@atl.frb.org**** > > ** ** > > *From:* ad...@acfug.org [mailto:ad...@acfug.org] *On Behalf Of *Dawn > Hoagland > *Sent:* Friday, April 19, 2013 1:23 PM > *To:* discussion@acfug.org > *Subject:* Re: [ACFUG Discuss] CF 9 IP restriction**** > > ** ** > > I'm fairly certain that's the only thing. John H. should still have the > documentation I wrote for locking down instances (although it's geared > toward multi-server).**** > > ** ** > > On Fri, Apr 19, 2013 at 1:20 PM, Teddy R Payne <teddyrpa...@gmail.com> > wrote:**** > > If I recall, there is more than one xml file or child node that has > interface set to asterisk. > > Sent from my iPhone**** > > > On Apr 19, 2013, at 9:38 AM, Dawn Hoagland <dawnhoagl...@gmail.com> wrote: > **** > > Assuming a single server, development instance install.....**** > > ** ** > > *{installLocation}\runtime\servers\coldfusion\SERVER-INF\jrun.xml***** > > ** ** > > Update the "interface" attribute in the following service class**** > > ** ** > > * <service class="jrun.servlet.http.WebService" name="WebService">***** > > * <attribute name="port">8500</attribute>***** > > * <attribute name="interface">127.0.0.1</attribute>***** > > * <attribute name="deactivated">false</attribute>***** > > * <attribute name="activeHandlerThreads">50</attribute>***** > > * <attribute name="minHandlerThreads">1</attribute>***** > > * <attribute name="maxHandlerThreads">1000</attribute>***** > > * <attribute name="mapCheck">0</attribute>***** > > * <attribute name="threadWaitTimeout">300</attribute>***** > > * <attribute name="backlog">500</attribute>***** > > * <attribute name="timeout">300</attribute>***** > > * </service>***** > > ** ** > > On Fri, Apr 19, 2013 at 9:16 AM, Wilson, Brooks <brooks.wil...@atl.frb.org> > wrote:**** > > Greetings:**** > > **** > > I’ve lost my notes on how to secure the IP address when setting up a CF 9 > server for local development. I had instructions on how to make the CF > built in server accessible only from the local host. Please post them if > you have them.**** > > **** > > TIA, Brooks**** > ------------------------------ > > Brooks Wilson | Senior Web Developer Programmer/Analyst > *Technology Solutions Services | Application Delivery Services***** > > Federal Reserve Bank of Atlanta | 1000 Peachtree Street, Atlanta, GA > 30309-4470**** > > Phone: 404.498.8178 | Fax: 404.498.8239 | Mobile: 404.985.9270**** > > Email: brooks.wil...@atl.frb.org**** > > **** > > *From:* ad...@acfug.org [mailto:ad...@acfug.org] *On Behalf Of *Charlie > Arehart > *Sent:* Friday, April 12, 2013 6:18 PM > *To:* discussion@acfug.org > *Subject:* RE: [ACFUG Discuss] 9.01 vs 9.02**** > > **** > > Steve, this is a point I just made in one of my replies this week to Ajas, > but to reiterate, any security hotfixes created by Adobe are created for > 9.0, 9.0.1, and 9.0.2. So no, you are not in any danger, as long as you > always apply the latest HFs. > > As for not updating to Java 7, yes, technically you are “in danger”, in > that Oracle has EOLed java 6 and are NOT offering new updates for Java 6. > So if there are new vulnerabilities identified, they will only update Java > 7, not 6 (just as if Adobe fixes CF now, they only do it for CF 10 and 9, > not 8 or earlier). The EOL of java 6 was only in the past couple of months, > so at least you can update to a 8relatively recent* JVM update, just not > THE latest one. > > Finally, as for your observation about the wording of the Adobe mention > about “supported jdks”, I assume you are referring to the first sentence of > step 1 in this doc: > http://helpx.adobe.com/coldfusion/kb/change-coldfusion-jvm.html > > “Download and install a supported version of JDK.” > > I suppose that’s just a CYA statement. (And if this doc may have existed > for CF9 before the update that allowed 1.7, it was referring to them > supporting only Java 1.6. Indeed, until about mid-last year, they only > supported up to 1.6.0_24.) But I agree with you it would be better if > they’d show or point to some table to clarify what JVMs are supported by > what versions of CF. (Seems a good blog opportunity!) > > /charlie**** > > **** > > *From:* ad...@acfug.org [mailto:ad...@acfug.org <ad...@acfug.org>] *On > Behalf Of *Steven > *Sent:* Friday, April 12, 2013 8:35 AM > *To:* discussion@acfug.org > *Subject:* [ACFUG Discuss] 9.01 vs 9.02**** > > **** > > All,**** > > while we're on the subject of patching & upgrades..**** > > last night I patched our *9.01* box with the latest hotfix4 from > http://helpx.adobe.com/coldfusion/kb/hot-fixes-coldfusion-9.html**** > > and I followed the steps there.**** > > **** > > But I'm still fuzzy on a couple things..**** > > **** > > I didn't want to go through the hassle of doing a complete > uninstall/reinstall to get the box over to the 9.02 series. Am I still in > danger of having security holes that aren't addressed by the 9.01 series > hotfixes?**** > > **** > > And, also within this hotfix4 I applied -- an "optional" step is to > upgrade the jvm by getting the latest jdk from oracle, modifying the > jvm.config to call the new, etc. I elected not to touch the jvm and we are > still using native (out of the box ver). Am I again in danger of new > security issues? (I have another Adobe rant. They mention in this step to > use only the JDKs which are compatible with cf9 -- but don't bother within > the instructions to tell you which are compatible!).**** > > **** > > How did you guys approach your cf9 patching?**** > > Happy Friday.**** > > **** > > Thx,**** > > Steve**** > > **** > > > ------------------------------------------------------------- > To unsubscribe from this list, manage your profile @ > http://www.acfug.org?fa=login.edituserform > > For more info, see http://www.acfug.org/mailinglists > Archive @ http://www.mail-archive.com/discussion%40acfug.org/ > List hosted by FusionLink <http://www.fusionlink.com> > ------------------------------------------------------------- **** > > > ------------------------------------------------------------- > To unsubscribe from this list, manage your profile @ > http://www.acfug.org?fa=login.edituserform > > For more info, see http://www.acfug.org/mailinglists > Archive @ http://www.mail-archive.com/discussion%40acfug.org/ > List hosted by FusionLink <http://www.fusionlink.com> > ------------------------------------------------------------- **** > > > > **** > > ** ** > > -- > Dawn**** > > > > **** > > ** ** > > -- > Dawn**** > > ------------------------------------------------------------- > To unsubscribe from this list, manage your profile @ > http://www.acfug.org?fa=login.edituserform > > For more info, see http://www.acfug.org/mailinglists > Archive @ http://www.mail-archive.com/discussion%40acfug.org/ > List hosted by FusionLink <http://www.fusionlink.com> > ------------------------------------------------------------- -- Dawn
