similar to: Security implications of openssl098e on CentOS 7

Displaying 20 results from an estimated 7000 matches similar to: "Security implications of openssl098e on CentOS 7"

2015 Oct 21
6
Security implications of openssl098e on CentOS 7
On 10/21/2015 1:55 PM, Andrew Holway wrote: > Personally I would go round to that particular vendors office with a pipe > wrench and encourage them to do better however, unless this software is > transmitting credit card information then it seems that you could be > safe(ish) from the regulation standpoint. It really depends on the location > of the machine. Is it deep in the bowels
2015 Oct 21
1
Security implications of openssl098e on CentOS 7
On 10/21/2015 2:34 PM, Eero Volotinen wrote: > Remember that rhel/centos backports fixes, so just looking version > number is not reliable way to detect security issues. > > Eero Indeed, though I can say on CentOS 5 the required configuration to be PCI compliand is not valid in apache, and httpd will not start. -- ----------------------------------------------- - Nick Bright
2016 Mar 10
4
Troubleshooting mailbox problems
Greetings, I'm running Dovecot 2.0.9 on my CentOS 6 server, for several thousand mailboxes. Recently, I've had several reports of "my mailbox is suddenly empty, where'd my mail go?" I've enabled debug logging, but I'd like to make sure I have the best level of debug to see things like "delete message" commands? I've configured in logging:
2015 Nov 17
3
firewalld rule syntax
I'm still learning firewalld obviously, and I am having trouble groking the documentation to understand how to do this. I know I could do an iptables direct, but that doesn't seem like the "right" way to do it. What I'm trying to do is allow a specific service, only for a specific ip. Effectively, SNMP should be allowed form a specific IP address (the systems monitor).
2015 Nov 17
1
firewalld rule syntax
On 17 Nov 2015 17:30, "Nick Bright" <nick.bright at valnet.net> wrote: > > On 11/17/2015 11:12 AM, Nick Bright wrote: >> >> firewall-cmd --zone=monitoring --add-source=1.2.3.4/32 >> firewall-cmd --zone=monitoring --add-service=snmp >> firewall-cmd --zone=monitoring --add-interface=ens192 >> firewall-cmd --runtime-to-permanent > > I went
2015 Oct 21
0
Security implications of openssl098e on CentOS 7
Personally I would go round to that particular vendors office with a pipe wrench and encourage them to do better however, unless this software is transmitting credit card information then it seems that you could be safe(ish) from the regulation standpoint. It really depends on the location of the machine. Is it deep in the bowels of your high security nuclear bunker on an air gap network or is is
2015 Oct 21
0
Security implications of openssl098e on CentOS 7
Remember that rhel/centos backports fixes, so just looking version number is not reliable way to detect security issues. Eero 2015-10-21 21:18 GMT+03:00 Nick Bright <nick.bright at valnet.net>: > Greetings, > > I'm working with a new CentOS 7 installation, moving a system up from > CentOS 5 due to OpenSSL version 0.9.8e not meeting PCI Compliance > requirements. >
2015 Nov 06
2
firewalld being stupid
On 6 November 2015 at 21:49, Pete Travis <lists at petetravis.com> wrote: > On Nov 6, 2015 3:31 PM, "Nick Bright" <nick.bright at valnet.net> wrote: >> >> Greetings, >> >> One of my biggest frustrations with CentOS 7 has been firewalld. >> >> Essentially all of the documentation just flat doesn't work. >> >> One common
2015 Nov 16
3
firewalld being stupid
On 11/16/2015 01:39 PM, Nick Bright wrote: > This is very frustrating, and not obvious. If --permanent doesn't work > for a command, then it should give an error - not silently fail > without doing anything! But --permanent *did* work. What you're seeing is the documented behavior: --permanent The permanent option --permanent can be used to set options
2016 Jan 29
2
Where did network setup goes under setup utility in CentOS 7?
In CentOS 6.7 I ran setup command and I could configure network settings from that "gui" utility at command line. In CentOS 7 I don't know where this goes or how to enabled. I have installed a few packages: yum install setuptool -y \ && yum install system-config-network-tui -y \ && yum install system-config-firewall* -y \ && yum install
2016 Jun 08
2
Advice on once a day message delivery setup
I?m adding once a day mail delivery to my site. Messages are marked by the sender as ?overnight? or ?once a week? delivery. The way I?m planning on implementing this is to queue messages until midnight in a MySQL database. Each mailbox will be kept in two Dovecot mailstores. The first mailstore will give the users IMAP access to their mailbox. A second mailstore will hold the next day?s new
2015 Nov 17
4
firewalld being stupid
On Mon, November 16, 2015 16:39, Nick Bright wrote: > On 11/6/2015 3:58 PM, James Hogarth wrote: >> I have a couple of relevant articles you may be interested in ... >> >> On assigning the zone via NM: >> https://www.hogarthuk.com/?q=node/8 >> >> Look down to the "Specifying a particular firewall zone" bit ... >> remember that if you edit the
2015 Nov 06
4
firewalld being stupid
Greetings, One of my biggest frustrations with CentOS 7 has been firewalld. Essentially all of the documentation just flat doesn't work. One common thing that needs to be done is to change the zone of an interface, however I've tried: firewall-cmd --permanent --zone=internal --change-interface=ens192 firewall-cmd --permanent --zone=internal --add-interface=ens192 I've also tried
2015 Nov 16
2
CentOS-SCL - php 5.6?
Is there any information available about what packages are being planned for the SCL? For example, will PHP 5.6 be made available & maintained? By "maintained" I mean kept up to date with back ported security patches and such. -- ----------------------------------------------- - Nick Bright - - Vice President of Technology - -
2015 Nov 17
0
firewalld rule syntax
On 11/17/2015 11:12 AM, Nick Bright wrote: > firewall-cmd --zone=monitoring --add-source=1.2.3.4/32 > firewall-cmd --zone=monitoring --add-service=snmp > firewall-cmd --zone=monitoring --add-interface=ens192 > firewall-cmd --runtime-to-permanent I went ahead and tried this and found that the zone and service must first be created, which requires use of: firewall-cmd
2015 Nov 16
0
firewalld being stupid
On 11/6/2015 3:58 PM, James Hogarth wrote: > I have a couple of relevant articles you may be interested in ... > > On assigning the zone via NM: > https://www.hogarthuk.com/?q=node/8 > > Look down to the "Specifying a particular firewall zone" bit ... > remember that if you edit the files rather than using nmcli you must > reload NM (or do nmcli reload) for that
2015 Nov 17
0
firewalld being stupid
On 11/17/2015 8:18 AM, James B. Byrne wrote: > This behaviour is congruent with SELinux. One utility adjusts the > permanent configuration, the one that will be applied at startup. > Another changes the current running environment without altering the > startup config. From a sysadmin point of view this is desirable since > changes to a running system are often performed for
2015 Oct 21
0
Re: Security implications of openssl098e on CentOS 7
On Wed, 21 Oct 2015 20:58, Nick Bright <nick.bright at ...> wrote: > On 10/21/2015 1:55 PM, Andrew Holway wrote: >> Personally I would go round to that particular vendors office with a pipe >> wrench and encourage them to do better however, unless this software is >> transmitting credit card information then it seems that you could be >> safe(ish) from the
2014 Jun 05
0
CESA-2014:0626 Important CentOS 6 openssl098e Update
CentOS Errata and Security Advisory 2014:0626 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-0626.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 4911acddf50a3f48cc5d2ce6f4011193a06112142a2d93e7e9f36aa7fd44e1bd openssl098e-0.9.8e-18.el6_5.2.i686.rpm x86_64:
2016 Mar 09
0
CESA-2016:0372 Important CentOS 6 openssl098e Security Update
CentOS Errata and Security Advisory 2016:0372 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2016-0372.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: e87cdaa0c6d6528e4395026ed75dd8c06d1d9cd20cbfc2b88b0d6046482aaa82 openssl098e-0.9.8e-20.el6.centos.1.i686.rpm x86_64: