tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Smith <d...@cornell.edu>
Subject Re: Some tomcat config questions
Date Mon, 24 Jul 2006 11:40:21 GMT
Third if I telnet to port 80 and issue "GET / HTTP/1.0" the "Location" header contain the local
ip address not the public one, It's sat behind a firewall.
I tried the "server=external ip" in each connector but I still get the internal ip address
returned, any way to fix it?


If you want to bind tomcat to a specific IP, use the address="1.2.3.4" 
attribute in the connector.

--David

Stuart Fox wrote:

>Hi
>
>First post so be kind :)
>
>I've just run a nessus scan against one of our servers running tomcat 4.1.30 standalone
on linux and its highlighed a few problems that I cant find config options for.
>
>First off is weak ssl ciphers, I've currently got 
>
>protocol="SSLv3"
>ciphers="SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA"
>
>For eash ssl connector as suggested here http://www.nabble.com/SSL-Server-Supports-Weak-Encryption-Vulnerability-t1843999.html
>However, nessus still says it supports weak ciphers. What have I missed?
>
>Second it says I have UserDir enabled (like apache mod_userdir I assume) but again I cant
find a way to disable it
>
>Third if I telnet to port 80 and issue "GET / HTTP/1.0" the "Location" header contain
the local ip address not the public one, It's sat behind a firewall.
>I tried the "server=external ip" in each connector but I still get the internal ip address
returned, any way to fix it?
>
>Lastly (I think) the version header is always "Apache-Coyote/1.1", any way to change it
to "Coyote" easily?
>
>Thanks in advance!
>
>Cheers
>
>Stuart
>
>This email and any files transmitted with it are confidential and intended solely for
the use of the individual or entity to whom they are addressed. If you have received this
email in error please notify netXtra Ltd. Please note that any views or opinions presented
in this email are solely those of the author and do not necessarily represent those of the
company. This email or any attachments do not constitute an offer. The contents of this e-mail
and any attachments may contain viruses that could damage your own computer systems.  Whilst
netXtra Ltd has taken every precaution to minimise this risk, we cannot accept liability for
any damage that you may sustain as a result of viruses
>
>
>---------------------------------------------------------------------
>To start a new topic, e-mail: users@tomcat.apache.org
>To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>For additional commands, e-mail: users-help@tomcat.apache.org
>
>  
>


---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message