You can use the commands below to check which protocols a particular website responds to. Recommended practice is to enable only TLS1_1 and TLS1_2 on your web/app server, as SSL3 and TLS1 are no longer considered secure due to various uncovered vulnerabilities. openssl s_client -connect : -<ssl3|ssl2|tls1|tls1_1|tls1_2> openssl s_client -connect localhost:8080 -ssl2 […]
In Solaris 9 and above, non-root users can open ports < 1024 with the command below: # su - # /usr/sbin/usermod -K defaultpriv=basic,net_privaddr <userId> This needs to be run once by the root user; after that, the user will be able to bind to any available port without restriction.
We are all hearing various news about the Heartbleed bug, so let's see which of our middleware application servers are affected by it:
Here is a brief review of the bug, CVE-2014-0160:
“OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the TLS/DTLS heartbeat functionality. An attacker could exploit this vulnerability to expose 64k of private memory and retrieve secret keys. An attacker can repeatedly expose additional 64k chunks of memory. This vulnerability can be remotely exploited, authentication is not required and the exploit is not complex. An exploit can only partially affect the confidentiality, but not integrity or availability.”
The perfdump utility is a Server Application Function (SAF) built into Sun ONE Web Server that collects various pieces of performance data from the Web Server internal statistics and displays them in ASCII text. The perfdump utility allows you to monitor a greater variety of statistics than those available through the Server Manager.
In Admin of Sun One Server: