Thursday, May 29, 2014

Re: [389-users] Retna Scan Results

David Boreham wrote:
>
> On 5/29/2014 11:33 AM, John Trump wrote:
>> With the answer Rob gave of "389-admin runs a separate instance of the
>> system httpd" I think this should be proof enough that the hits are
>> false positives. I can show that I have the latest update installed
>> from Red Hat.
>
> I wouldn't take his word for it ;)

Hey now!

> Identify the process listening on the port using netstat -nlp then use
> lsof -p to verify the location of that process' binary files. Check that
> those files came from the system httpd package.

You can optionally set ServerTokens to Prod in the admin server
httpd.conf and restart the server, then re-run the scanner. That should
make the version-based errors go away (or it could make matters worse).
See http://httpd.apache.org/docs/2.2/mod/core.html#servertokens

rob
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users

No comments:

Post a Comment