Re: [pfSense] How do I harden my pfsense install WRT TLS and ssh?

2015-07-29 Thread Vick Khera
On Tue, Jul 28, 2015 at 4:12 PM, Moshe Katz mo...@ymkatz.net wrote: Again, I agree with you that this shouldn't affect your score. I am simply explaining why they do it. Based on this explanation, I agree. There's no reason for them to demand your certificate also signs any other domain

Re: [pfSense] How do I harden my pfsense install WRT TLS and ssh?

2015-07-29 Thread Claudio Thomas
On 29.07.2015 18:02, Vick Khera wrote: On Tue, Jul 28, 2015 at 4:12 PM, Moshe Katz mo...@ymkatz.net wrote: Again, I agree with you that this shouldn't affect your score. I am simply explaining why they do it. Based on this explanation, I agree. There's no reason for them to demand your

Re: [pfSense] How do I harden my pfsense install WRT TLS and ssh?

2015-07-28 Thread Moshe Katz
On Tue, Jul 28, 2015 at 3:44 PM, Vick Khera vi...@khera.org wrote: On Sun, Jul 26, 2015 at 10:31 PM, Ryan Coleman ryan.cole...@cwis.biz wrote: I have an issue with Qualys: They ding my certification because I have domain.com http://domain.com/ on it and not www.domain.com

Re: [pfSense] How do I harden my pfsense install WRT TLS and ssh?

2015-07-28 Thread Ryan Coleman
On Jul 28, 2015, at 2:50 PM, Moshe Katz mo...@ymkatz.net wrote: On Tue, Jul 28, 2015 at 3:44 PM, Vick Khera vi...@khera.org mailto:vi...@khera.org wrote: On Sun, Jul 26, 2015 at 10:31 PM, Ryan Coleman ryan.cole...@cwis.biz wrote: I have an issue with Qualys: They ding my

Re: [pfSense] How do I harden my pfsense install WRT TLS and ssh?

2015-07-28 Thread Moshe Katz
On Tue, Jul 28, 2015 at 3:54 PM, Ryan Coleman ryan.cole...@cwis.biz wrote: On Jul 28, 2015, at 2:50 PM, Moshe Katz mo...@ymkatz.net wrote: On Tue, Jul 28, 2015 at 3:44 PM, Vick Khera vi...@khera.org mailto: vi...@khera.org wrote: On Sun, Jul 26, 2015 at 10:31 PM, Ryan Coleman

Re: [pfSense] How do I harden my pfsense install WRT TLS and ssh?

2015-07-28 Thread Vick Khera
On Sun, Jul 26, 2015 at 10:31 PM, Ryan Coleman ryan.cole...@cwis.biz wrote: I have an issue with Qualys: They ding my certification because I have domain.com http://domain.com/ on it and not www.domain.com http://www.domain.com/ (multi-site cert). That's not a reason to lower a

Re: [pfSense] How do I harden my pfsense install WRT TLS and ssh?

2015-07-25 Thread Chris L
On Jul 24, 2015, at 5:18 PM, Ted Byers r.ted.by...@gmail.com wrote: On Fri, Jul 24, 2015 at 6:29 PM, Chris Buechler c...@pfsense.com wrote: On Fri, Jul 24, 2015 at 5:20 PM, Ted Byers r.ted.by...@gmail.com wrote: This is an external scan. We forward ports such as 443 and 22 to specific

[pfSense] How do I harden my pfsense install WRT TLS and ssh?

2015-07-24 Thread Ted Byers
I have checked our installation of our website (a classic protected LAN with a DMZ formed by two pfsense machines serving as our inner and outer firewall, and one machine in the DMZ and the rest behind the inner firewall) using a PCI scanner. The PCI scan identified two vulnerabilities WRT our

Re: [pfSense] How do I harden my pfsense install WRT TLS and ssh?

2015-07-24 Thread Adam Thompson
I'm 95% sure the answer is wait for the developers to fix those issues and/or become a developer and fix those issues :-). Configuration of lighttpd is controlled by the pfSense management framework, so once you discover the correct invocation, you could locally modify the PHP file that

Re: [pfSense] How do I harden my pfsense install WRT TLS and ssh?

2015-07-24 Thread Steve Yates
Ted Byers wrote on Fri, Jul 24 2015 at 3:51 pm: First, the scanner complains that TLS1 is supported and we need to restrict it to TLS1.2. Second, it appears that ssh-server on pfsense is version 6.6. Is this an internal scan or external? Hopefully those aren't exposed externally.

Re: [pfSense] How do I harden my pfsense install WRT TLS and ssh?

2015-07-24 Thread Yehuda Katz
If you are forwarding the ports to other machines, it is those machines which need an update, not pfSense. This is the test: get out your ssh client of choice and connect to the port from outside. If you get something that is not pfSense, then upgrading ssh on your firewall isn't going to help.

Re: [pfSense] How do I harden my pfsense install WRT TLS and ssh?

2015-07-24 Thread Ted Byers
Thanks for this. I'd hoped it would be as simple as apt-get update apt-get upgrade apt-get update openssh-server. That is, whatever the equivalent of apt-get is on a pfsense machine, I'd hoped it would be a command invoked from ssh to ask the system to check for updates and apply any found.

Re: [pfSense] How do I harden my pfsense install WRT TLS and ssh?

2015-07-24 Thread Ted Byers
This is an external scan. We forward ports such as 443 and 22 to specific Ubuntu machines. But both sshd and apache have been configured to accept only TLS1.2. Port 443 must be open to support the web server in our DMZ, and we need ssh to connect to each machine for administration purposes. (if

Re: [pfSense] How do I harden my pfsense install WRT TLS and ssh?

2015-07-24 Thread Ted Byers
Thanks. I will do this this evening. Thanks, Ted On Fri, Jul 24, 2015 at 6:18 PM, David Burgess apt@gmail.com wrote: On Fri, Jul 24, 2015 at 4:14 PM, Ted Byers r.ted.by...@gmail.com wrote: Thanks for this. I'd hoped it would be as simple as apt-get update apt-get upgrade apt-get

Re: [pfSense] How do I harden my pfsense install WRT TLS and ssh?

2015-07-24 Thread Ted Byers
We have version 2.2.2. What is the easiest way to upgrade one minor version? On Ubuntu, I'd use 'apt-get update' and/or 'apt-get upgrade', or one of the variants thereof. But, if I understand correctly, pfsense is built on FreeBSD, about which I know nothing. Thanks, Ted On Fri, Jul 24, 2015

Re: [pfSense] How do I harden my pfsense install WRT TLS and ssh?

2015-07-24 Thread David Burgess
On Fri, Jul 24, 2015 at 4:14 PM, Ted Byers r.ted.by...@gmail.com wrote: Thanks for this. I'd hoped it would be as simple as apt-get update apt-get upgrade apt-get update openssh-server. That is, whatever the equivalent of apt-get is on a pfsense machine, I'd hoped it would be a command

Re: [pfSense] How do I harden my pfsense install WRT TLS and ssh?

2015-07-24 Thread Chris Buechler
On Fri, Jul 24, 2015 at 3:51 PM, Ted Byers r.ted.by...@gmail.com wrote: I have checked our installation of our website (a classic protected LAN with a DMZ formed by two pfsense machines serving as our inner and outer firewall, and one machine in the DMZ and the rest behind the inner firewall)

Re: [pfSense] How do I harden my pfsense install WRT TLS and ssh?

2015-07-24 Thread Ted Byers
On Fri, Jul 24, 2015 at 6:29 PM, Chris Buechler c...@pfsense.com wrote: On Fri, Jul 24, 2015 at 5:20 PM, Ted Byers r.ted.by...@gmail.com wrote: This is an external scan. We forward ports such as 443 and 22 to specific Ubuntu machines. But both sshd and apache have been configured to

Re: [pfSense] How do I harden my pfsense install WRT TLS and ssh?

2015-07-24 Thread Ryan Coleman
On Jul 24, 2015, at 7:18 PM, Ted Byers r.ted.by...@gmail.com wrote: On Fri, Jul 24, 2015 at 6:29 PM, Chris Buechler c...@pfsense.com wrote: On Fri, Jul 24, 2015 at 5:20 PM, Ted Byers r.ted.by...@gmail.com wrote: This is an external scan. We forward ports such as 443 and 22 to specific