Hi guys, Those who work on Apache may help me on this.
I have following problem
Description:
The remote service encrypts traffic using TLS / SSL and permits clients to renegotiate
connections. The computational requirements for renegotiating a connection are
asymmetrical between the client and the server, with the server performing several times
more work. Since the remote host does not appear to limit the number of renegotiations
for a single TLS / SSL connection, this permits a client to open several simultaneous
connections and repeatedly renegotiate them, possibly leading to a denial of service
condition.
(In short tell me how to disable SSL/TLS renegotiation?
Will Disabling it will stop some funtionality?)
Moreover the SSL certificate has already expired. It is in the process to get renewed.
This output of
--------------------------------------------------------------------------------------------
What is use of SSLEngine on?
Will " SSLEngine off" value will disable SSL/TLS renegotiation ?
Which module is used prefork or worker or both?
Should I keep "MaxRequestsPerChild" to also 4000 so that a single client can't send multiple request causing denial of service?
Please guide me I am new to Apache stuff.
Thanks.
---------- Post updated at 09:11 PM ---------- Previous update was at 07:46 PM ----------
Reply Please..........
Last edited by Scott; 10-30-2011 at 12:50 PM..
Reason: Formatting; Code Tags
Hello to all,
I'm beguinner in Linux instalations and I'm trying to Communicate from Web Sites that i have running under apache with openLDAP for users authentication using SSL mediation that seems to be connected with LDAPS.
Can someone advise me how to do this, I have already installed... (1 Reply)
Hey Guys,
I have a couple servers that are getting flagged by by our network security team. How do I disable TLS 1.0 protocol within Solaris? The vulnerability is :
CVE-2011-3389
TLS-SSL Server Blockwise Chosen-Boundary Browser Weakness (2 Replies)
Hey Guys,
I am trying to setup ldap over tls in our lab. I am generating a self signed cert on the ldap server and importing that into the ldap system so it will use ldap over port 636. The clients will be a mix of solaris and redhat. I am lost on what I need to do on the client side to get... (0 Replies)
Hi all Expertise,
I have following issue to solve,
SSL / TLS Renegotiation DoS (low) 222.225.12.13
Ease of Exploitation Moderate
Port 443/tcp
Family Miscellaneous
Following is the problem description:------------------
Description The remote service encrypts traffic using TLS / SSL and... (2 Replies)
Hi,
I have a doubt..whether the SSL/TLS protocol uses the public key of the web server to encrypt data before sending it.
I knew the browser verifies the public key of the web server using the digital certificate (by verifying the signature of the certificate using trusted authority). whether... (2 Replies)
hi guys
I configured my openldap but now I want to implement SSL-TLS
This is my basic slapd.conf configuration
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include ... (2 Replies)
We have a requirement to setup secure ftp between our AIX v5.3 system and
our mainframe. We don't want to use openssh with sftp and scp. Our mainframe uses ftp over ssl/tls so we have to use this on our AIX box. We have openssl on our AIX system but I'm not sure how to setup ssl/tls over ftp
on... (4 Replies)