>
> On 5/29/2014 11:33 AM, John Trump wrote:
>> With the answer Rob gave of "389-admin runs a separate instance of the
>> system httpd" I think this should be proof enough that the hits are
>> false positives. I can show that I have the latest update installed
>> from Red Hat.
>
> I wouldn't take his word for it ;)
Hey now!
> Identify the process listening on the port using netstat -nlp then use
> lsof -p to verify the location of that process' binary files. Check that
> those files came from the system httpd package.
You can optionally set ServerTokens to Prod in the admin server
httpd.conf and restart the server, then re-run the scanner. That should
make the version-based errors go away (or it could make matters worse).
See http://httpd.apache.org/docs/2.2/mod/core.html#servertokens
rob
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
No comments:
Post a Comment