Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: SSL/TLS renegotiation DoS -how to disable? Is it advisable to disable?
Operating Systems Linux Red Hat SSL/TLS renegotiation DoS -how to disable? Is it advisable to disable? Post 302567289 by mark54g on Sunday 23rd of October 2011 08:33:56 PM
Old 10-23-2011
What about max connections per client?

Apache Max Client - HTML Forums - Free Webmaster Forums and Help Forums
This User Gave Thanks to mark54g For This Post:
manalisharmabe
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Secure ftp using ssl/tls

We have a requirement to setup secure ftp between our AIX v5.3 system and our mainframe. We don't want to use openssh with sftp and scp. Our mainframe uses ftp over ssl/tls so we have to use this on our AIX box. We have openssl on our AIX system but I'm not sure how to setup ssl/tls over ftp on... (4 Replies)
Discussion started by: DANNYC
4 Replies

2. Cybersecurity

TLS/SSL vulnerability explained

Here's a pretty good, and even PHB-compatible, explanation of the current TLS/SSl protocol vulnerability, including samples. (0 Replies)
Discussion started by: pludi
0 Replies

3. Shell Programming and Scripting

How to disable Enable/Disable Tab Key

Hi All, I have bash script, so what is sintax script in bash for Enable and Disable Tab Key. Thanks for your help.:( Thanks, Rico (1 Reply)
Discussion started by: carnegiex
1 Replies

4. UNIX for Dummies Questions & Answers

TLS/SSL Openldap Centos 5.5

hi guys I configured my openldap but now I want to implement SSL-TLS This is my basic slapd.conf configuration include /etc/openldap/schema/core.schema include /etc/openldap/schema/cosine.schema include /etc/openldap/schema/inetorgperson.schema include ... (2 Replies)
Discussion started by: karlochacon
2 Replies

5. Linux

SSL/TLS uses the public key to encrypt data ?

Hi, I have a doubt..whether the SSL/TLS protocol uses the public key of the web server to encrypt data before sending it. I knew the browser verifies the public key of the web server using the digital certificate (by verifying the signature of the certificate using trusted authority). whether... (2 Replies)
Discussion started by: chaitus.28
2 Replies

6. Red Hat

HOW TO DISABLE SSL/TLS RENEGOTIATION?

Hi guys, Those who work on Apache may help me on this. I have following problem Description: The remote service encrypts traffic using TLS / SSL and permits clients to renegotiate connections. The computational requirements for renegotiating a connection are asymmetrical between the... (3 Replies)
Discussion started by: manalisharmabe
3 Replies

7. UNIX for Advanced & Expert Users

ldap over tls -- ssl cert help

Hey Guys, I am trying to setup ldap over tls in our lab. I am generating a self signed cert on the ldap server and importing that into the ldap system so it will use ldap over port 636. The clients will be a mix of solaris and redhat. I am lost on what I need to do on the client side to get... (0 Replies)
Discussion started by: s ladd
0 Replies

8. Cybersecurity

How to disable TLS 1.0 support in Solaris

Hey Guys, I have a couple servers that are getting flagged by by our network security team. How do I disable TLS 1.0 protocol within Solaris? The vulnerability is : CVE-2011-3389 TLS-SSL Server Blockwise Chosen-Boundary Browser Weakness (2 Replies)
Discussion started by: s ladd
2 Replies

9. Shell Programming and Scripting

SSH shell script to access FTP over explicit TLS/SSL

Hello, I use the following SSH script to upload *.jpg files via FTP: #!/usr/bin/expect set timeout -1 spawn ftp -v -i expect "" send "\r" expect "Password:" send "\r" expect "ftp>" send "mput *.jpg\r" expect "ftp>" send "quit\r" replaced with actual ftp server/account data. ... (5 Replies)
Discussion started by: mrpi007
5 Replies

10. UNIX for Advanced & Expert Users

SSL/TLS with openldap

Hello to all, I'm beguinner in Linux instalations and I'm trying to Communicate from Web Sites that i have running under apache with openLDAP for users authentication using SSL mediation that seems to be connected with LDAPS. Can someone advise me how to do this, I have already installed... (1 Reply)
Discussion started by: CPMarco
1 Replies

LEARN ABOUT SUSE

apache::authznetldap

Apache::AuthzNetLDAP(3) 				User Contributed Perl Documentation				   Apache::AuthzNetLDAP(3)

NAME

       Apache::AuthzNetLDAP - Apache-Perl module that enables you to authorize a user for Website based on LDAP attributes.

SYNOPSIS

	 PerlSetVar BindDN "cn=Directory Manager"
	 PerlSetVar BindPWD "password"
	 PerlSetVar BaseDN "ou=people,o=unt.edu"
	 PerlSetVar LDAPServer ldap.unt.edu
	 PerlSetVar LDAPPort 389
	 PerlSetVar UIDAttr uid
	#PerlSetVar UIDAttr mail

	 PerlAuthenHandler Apache::AuthNetLDAP
	 PerlAuthzHandler Apache::AuthzNetLDAP

	 #require valid-user
	 #require user mewilcox
	 #require user mewilcox@venus.acs.unt.edu
	 #require group "cn=Peoplebrowsers1,ou=UNTGroups,ou=People, o=unt.edu"
	 #require ldap-url ldap://pandora.acs.unt.edu/o=unt.edu??sub?sn=wilcox
	 #require ldap-url ldap://pandora.acs.unt.edu/o=unt.edu??sub?sn=smith
	 #require ldap-url ldap://castor.acs.unt.edu/ou=people,o=unt.edu??sub?untcourse=
       untcoursenumber=1999CCOMM2040001,ou=courses,ou=acad,o=unt.edu

DESCRIPTION

       After you have authenticated a user (perhaps with Apache::AuthNetLDAP ;) you can use this module to determine whether they are authorized
       to access the Web resource under this modules control.

       You can control authorization via one of four methods. The first two are pretty standard, the second two are unique to LDAP.

       "require" options --

       user -> Will authorize access if the authenticated user's username.

       valid-user -> Will authorize any authenticated user.

       group -> Will authorize any authenticated user who is a member of the LDAP group specified by groupdn. This module supports groupOfMember,
       groupOfUniquemember and Netscape's dynamic group object classes.

       ldap-url -> This will authorize any authenticated user who matches the query specified in the given LDAP URL. This is enables users to get
       the flexibility of Netscape's dynamic groups, even if their LDAP server does not support such a capability.

CONFIGURATION NOTES

	It is important to note that this module must be used in conjunction with an authentication module. (...?
       Is this true?  I just thought, that you might want to only authorize a user, instead of authenticate...)
       If you are using an authentication module, then the following lines will not need to be duplicated:

	 PerlSetVar BindDN "cn=Directory Manager"
	 PerlSetVar BindPWD "password"
	 PerlSetVar BaseDN "ou=people,o=unt.edu"
	 PerlSetVar LDAPServer ldap.unt.edu
	 PerlSetVar LDAPPort 389
	 PerlSetVar UIDAttr uid
	#PerlSetVar UIDAttr mail

	 PerlAuthenHandler Apache::AuthNetLDAP

       The following lines will not need to be duplicated if supported by the authentication module:

	 #require valid-user
	 #require user mewilcox
	 #require user mewilcox@venus.acs.unt.edu
	 #require group "cn=Peoplebrowsers1,ou=UNTGroups,ou=People, o=unt.edu"
	 #require ldap-url ldap://pandora.acs.unt.edu/o=unt.edu??sub?sn=wilcox
	 #require ldap-url ldap://pandora.acs.unt.edu/o=unt.edu??sub?sn=smith
	 #require ldap-url ldap://castor.acs.unt.edu/ou=people,o=unt.edu??sub?untcourse=

       Obviously, the ldap-url attribute is probably only support by this module.

       Check out the following link for options to load the module:

       http://perl.apache.org/docs/1.0/guide/config.html#The_Startup_File http://perl.apache.org/docs/2.0/user/config/config.html#Startup_File

AUTHOR

       Mark Wilcox mewilcox@unt.edu and Shannon Eric Peevey speeves@unt.edu

SEE ALSO

       perl(1).

WARRANTY Hey, I didn't destroy mankind when testing the module. You're mileage may vary.
       This module is distributed with the same license as Perl's.

perl v5.12.1							    2010-07-05						   Apache::AuthzNetLDAP(3)
All times are GMT -4. The time now is 12:24 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy