Third, if I telnet to port 80 and issue "GET / HTTP/1.0" the "Location" header 
contains the local ip address not the public one. It's sat behind a firewall.
I tried the "server=external ip" in each connector but I still get the internal 
ip address returned, any way to fix it?


If you want to bind tomcat to a specific IP, use the address="1.2.3.4" attribute in the connector.

--David

Stuart Fox wrote:

Hi

First post so be kind :)

I've just run a nessus scan against one of our servers running tomcat 4.1.30 
standalone on linux and it's highlighted a few problems that I can't find config 
options for.

First off is weak ssl ciphers, I've currently got
protocol="SSLv3"
ciphers="SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA"

For each ssl connector as suggested here 
http://www.nabble.com/SSL-Server-Supports-Weak-Encryption-Vulnerability-t1843999.html
However, nessus still says it supports weak ciphers. What have I missed?

Second, it says I have UserDir enabled (like apache mod_userdir I assume) but 
again I can't find a way to disable it

Third, if I telnet to port 80 and issue "GET / HTTP/1.0" the "Location" header 
contains the local ip address not the public one. It's sat behind a firewall.
I tried the "server=external ip" in each connector but I still get the internal 
ip address returned, any way to fix it?

Lastly (I think) the version header is always "Apache-Coyote/1.1", any way to change it 
to "Coyote" easily?

Thanks in advance!

Cheers

Stuart

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
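
One way to check a server.xml for the connector settings discussed in this thread, as an added example that is not part of the original messages or of Tomcat itself: it reports connectors without the address attribute mentioned in the reply, and cipher or protocol values that current scanners report as weak. The sample XML, the function names and the list of weak name fragments are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample, not the poster's real server.xml. Attribute placement on
# <Connector> follows the post; a nested <Factory> element is also read.
SAMPLE_SERVER_XML = """<Server><Service name="Tomcat-Standalone">
  <Connector port="80" address="1.2.3.4"/>
  <Connector port="443" scheme="https" secure="true" protocol="SSLv3"
    ciphers="SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA"/>
  <Connector port="8443" scheme="https" secure="true">
    <Factory protocol="TLS"/>
  </Connector>
</Service></Server>"""

# Fragments of JSSE cipher suite names that current scanners report as weak.
WEAK_MARKERS = ("_NULL_", "_anon_", "_EXPORT_", "_DES40_", "_DES_", "_RC4_", "_3DES_")

def weak_parts(suite):
    """Return the weak algorithm names found in one cipher suite name."""
    parts = [m.strip("_") for m in WEAK_MARKERS if m in suite]
    if suite.endswith("_MD5"):
        parts.append("MD5")
    return parts

def audit_connectors(xml_text):
    """Return (port, message) findings for every <Connector> in a server.xml."""
    findings = []
    for conn in ET.fromstring(xml_text).iter("Connector"):
        attrs = dict(conn.attrib)
        for factory in conn.findall("Factory"):
            attrs.update(factory.attrib)
        port = attrs.get("port", "?")
        if "address" not in attrs:
            findings.append((port, "no address attribute: listens on all interfaces"))
        if attrs.get("secure") != "true" and attrs.get("scheme") != "https":
            continue  # plain HTTP connector, no TLS settings to check
        if attrs.get("protocol") == "SSLv3":
            findings.append((port, "protocol SSLv3 is obsolete"))
        if "ciphers" not in attrs:
            findings.append((port, "no ciphers attribute: suite list is not restricted"))
            continue
        for suite in (s.strip() for s in attrs["ciphers"].split(",")):
            parts = weak_parts(suite)
            if parts:
                findings.append((port, suite + ": " + "/".join(parts)))
    return findings

if __name__ == "__main__":
    for port, message in audit_connectors(SAMPLE_SERVER_XML):
        print(port, message)
```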