Re: [CentOS] POODLE on CentOS
Modifying apache configuration to the following should take care of it. The SSLProtocol directive disables SSLv2 and SSLv3 and leaves other on. SSLProtocol all -SSLv2 -SSLv3 SSLHonorCipherOrder on SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS" On Thu, Oct 16, 2014 at 7:41 PM, James B. Byrne wrote: > According to the centos wiki: > > Validating Changes > > You can use Qualys SSL Labs to verify that your web server is no longer > vulnerable to POODLE or TLS_FALLBACK_SCSV once all action is complete. You > might also want to only use TLSv1.2 for httpd on CentOS-6.5 (or higher) and > CentOS-7, while using TLSv1 on CentOS-5. > > > However, on my up-to-datestock CentOS-6.5 the httpd version is 2.2.15 and > attems to use SSLProtocols greater than v1 yield this error: > > > Syntax error on line 101 of /etc/httpd/conf.d/ssl.conf: > SSLProtocol: Illegal protocol 'TLSv1.1' > > > I presume that the wiki is in error but I would like confirmation of that > or > instructions on how to enable TLSv1.1 and 1.2 on CentOS-6.5. > > -- > *** E-Mail is NOT a SECURE channel *** > James B. Byrnemailto:byrn...@harte-lyne.ca > Harte & Lyne Limited http://www.harte-lyne.ca > 9 Brockley Drive vox: +1 905 561 1241 > Hamilton, Ontario fax: +1 905 561 0757 > Canada L8E 3C3 > > _______ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos > -- Tharun Kumar Allu == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] LPR to windows lpd question
On Mon, Dec 5, 2011 at 4:24 PM, wrote: > Tharun Kumar Allu wrote: >> Hi All, >> I am trying to print from a CentOS 5.3 server to a windows LPD >> service. After enabling the LPD service on Windows and creating a LPR >> port to a particular printer when I execute the following command on >> CentOS server I do not come out. >> lpr -H winprint:515 -P printer1 file.txt >> >> The above command does not exit. Do I need to configure anything on >> the server to be able to use lpr as a client ? >> Ultimately I want to use the above command to print to various >> printers based on different parameters. >> >> On a different note when I execute the same command on Fedora 14 I get >> Unknown as the error. > > Have you checked CUPS? <http://localhost:631> > > mark > Yes. The whole idea I am trying to achieve is not to install any printers on the server (if I can avoid) but use it as a client to print through a windows LPD service. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] LPR to windows lpd question
Hi All, I am trying to print from a CentOS 5.3 server to a windows LPD service. After enabling the LPD service on Windows and creating a LPR port to a particular printer when I execute the following command on CentOS server I do not come out. lpr -H winprint:515 -P printer1 file.txt The above command does not exit. Do I need to configure anything on the server to be able to use lpr as a client ? Ultimately I want to use the above command to print to various printers based on different parameters. On a different note when I execute the same command on Fedora 14 I get Unknown as the error. Thanks Tharun ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Antwort: Re: Strange connectivity problem from linux.
On Fri, Aug 28, 2009 at 4:01 AM, wrote: > Les Mikesell schrieb am 27.08.2009 20:53:14: >> I'd assume that 'telnet hostname 443' is intended to be a test for >> an https web service - which should in fact not permit a connection >> without ssl encryption. The linux version of telnet probably tries >> to do some options negotiations before it says it is connected and >> perhaps the windows version doesn't. A better test would be >> wget https://adp.eease.com > > Just for completeness, s_client(1) would be an alternative for > testing purposes, too. > > Frank. > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos > This is a nice tool. Gives the following error sometimes. $ openssl s_client -connect adp.eease.com:443 socket: Connection refused connect:errno=29 Thanks for pointing this tool out. -- Tharun Kumar Allu == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Strange connectivity problem from linux.
On Thu, Aug 27, 2009 at 2:53 PM, Les Mikesell wrote: > Lanny Marcus wrote: >> On Thu, Aug 27, 2009 at 6:01 AM, Tharun Kumar Allu >> wrote: >> >>> When I telnet to >>> $ telnet adp.eease.com 443 >>> >>> it works fine some times and every 5-10 tries or so it says connection >>> refused. And this does not happen from my windows box. >>> >>> Can anyone from this list try this on their linux installation and see >>> if they get the same behaviour? >> >> [la...@dell2400 ~]$ telnet adp.eease.com 443 >> Trying 209.168.243.5... >> telnet: connect to address 209.168.243.5: Connection refused >> telnet: Unable to connect to remote host: Connection refused >> [la...@dell2400 ~]$ >> >> BTW: I have telnet and anonymous FTP disabled on my web sites. >> Suggest the person in charge of that box switch to SSH. > > I'd assume that 'telnet hostname 443' is intended to be a test for an > https web service - which should in fact not permit a connection without > ssl encryption. The linux version of telnet probably tries to do some > options negotiations before it says it is connected and perhaps the > windows version doesn't. A better test would be > wget https://adp.eease.com > > -- > Les Mikesell > lesmikes...@gmail.com > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos > wget behaves the same way $ wget https://adp.eease.com --2009-08-27 20:23:30-- https://adp.eease.com/ Resolving adp.eease.com... 209.168.243.5 Connecting to adp.eease.com|209.168.243.5|:443... failed: Connection refused. The network team at that site is trying to figure out what the problem is. Will update once they get back. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Strange connectivity problem from linux.
Thank you I tested this today morning from the windows machine and it is behaving the same ( connection refused ). So I guess Its the host. I have a call with the Host admin some time today. This test should help me point the issue to him. Thanks Tharun On Thu, Aug 27, 2009 at 7:58 AM, Rohan Gilchrist wrote: > I could only connect 3 times out of 10. This was from my > Mac laptop running Leopard. It would appear that something abnormal > is happening on this host. > > On Thu, 27 Aug 2009, Tharun Kumar Allu wrote: > >> Hi I have been facing a strange connectivity problem from CentOS and >> Fedora boxes. >> >> When I telnet to >> $ telnet adp.eease.com 443 >> >> it works fine some times and every 5-10 tries or so it says connection >> refused. And this does not happen from my windows box. >> >> Can anyone from this list try this on their linux installation and see >> if they get the same behaviour? >> >> Thanks >> Tharun ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Strange connectivity problem from linux.
Hi I have been facing a strange connectivity problem from CentOS and Fedora boxes. When I telnet to $ telnet adp.eease.com 443 it works fine some times and every 5-10 tries or so it says connection refused. And this does not happen from my windows box. Can anyone from this list try this on their linux installation and see if they get the same behaviour? Thanks Tharun ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] script
On Tue, Sep 30, 2008 at 3:47 PM, Mad Unix <[EMAIL PROTECTED]> wrote: > Dear ALL, > > I need some help with bash scripting, a script that search the content > of multiple files and replace old string ip "10.5.1.10" with the new > string ip "127.128.1.10" it will search in specific folder and sub > folders > > Thanks > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos > sed -i 's/10.5.1.10/127.128.1.10/' should help you example find /path/ | xargs sed -i 's/ 10.5.1.10/127.128.1.10/' -- Tharun Kumar Allu == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] sudoers
On Wed, Jul 9, 2008 at 10:52 AM, Mário Gamito <[EMAIL PROTECTED]> wrote: > Yes, I do. > > On Wed, Jul 9, 2008 at 3:24 PM, Tharun Kumar Allu <[EMAIL PROTECTED]> > wrote: > > > > > > On Wed, Jul 9, 2008 at 9:19 AM, Mário Gamito <[EMAIL PROTECTED]> wrote: > >> > >> Hi, > >> > >> I need to run /bin/mount and /sbin/mount.cifs commands as nobody user > >> (it has (bin/bash shell). > >> > >> So, I've edited /etc/sudoers and added: > >> > >> Cmnd_AliasCMD_MOUNT = /bin/mount > >> Cmnd_AliasCMD_CIFS ) = /sbin/mount.cifs > >> > >> nobody ALL = NOPASSWD: CMD_MOUNT > >> nobody ALL = NOPASSWD: CMD_CIFS > >> > >> But when I run the command as nobody (in the shell), I get the error: > >> "mount error 1 = Operation not permitted" > >> > >> Any ideas ? > >> > >> Any help would be appreciated. > >> > >> Warm Regards, > >> Mário Gamito > >> > > > > May be it is a stupid question but did you execute the command with sudo > in > > logged in as user nobody > > > > [EMAIL PROTECTED] sudo /bin/mount[.cifs] > > > Another stupid question are you editing /etc/sudoers using visudo? normally located at /usr/sbin/visudo ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] sudoers
On Wed, Jul 9, 2008 at 9:19 AM, Mário Gamito <[EMAIL PROTECTED]> wrote: > Hi, > > I need to run /bin/mount and /sbin/mount.cifs commands as nobody user > (it has (bin/bash shell). > > So, I've edited /etc/sudoers and added: > > Cmnd_AliasCMD_MOUNT = /bin/mount > Cmnd_AliasCMD_CIFS ) = /sbin/mount.cifs > > nobody ALL = NOPASSWD: CMD_MOUNT > nobody ALL = NOPASSWD: CMD_CIFS > > But when I run the command as nobody (in the shell), I get the error: > "mount error 1 = Operation not permitted" > > Any ideas ? > > Any help would be appreciated. > > Warm Regards, > Mário Gamito > > May be it is a stupid question but did you execute the command with sudo in logged in as user nobody [EMAIL PROTECTED] sudo /bin/mount[.cifs] -- Tharun Kumar Allu == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos