RE: Problem Connecting via https Over Network and Internet - SOLVED - Firewall Issue

RE: Problem Connecting via https Over Network and Internet - SOLVED - Firewall Issue

am 06.08.2002 14:38:49 von Alicianiah Cherry

Just goes to show my inexperience with Linux - issuing the ipchains -F
input command cleared the firewall rules and now SSL connections work
GREAT! Thanks to you all for your time and many responses. I will be
quite busy today as I am moving a web app off a Win2K box and on to Linux -
the SSL problem was the only thing holding me up. Apache seems to handle
SSL connections much faster than IIS.

Any help or suggestions you might offer in terms of advice on selecting a
CA, as well as recommended upgrades for Apache or mod_ssl would be greatly
appreciated. THANKS AGAIN!

Alicia Cherry
Systems Administrator
RiverStone Counseling

-----Original Message-----
From: Maurizio Marini [SMTP:maumar@datalogica.com]
Sent: Monday, August 05, 2002 10:37 PM
To: modssl-users@modssl.org
Subject: Re: Problem Connecting via https Over Network and Internet

> negating a firewall issue, I would think.

why do u thik this? have you tried to clear your firewall rules, before to
say
this? if not, do it issuing as root: # ipchains -F input
by default RedHat 7.3 install ipchains
in any case, send us output of ipchains -L -n (or the output of iptables
-L
-n if u have configured iptables in your box)


-- maumar

____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

RE: Problem Connecting via https Over Network and Internet - SOLVED- Firewall Issue

am 06.08.2002 16:11:27 von dufresne

You will not want to keep the machine without the firewall rules, as it
will be ow3d shortly if you do. You need to findout how to make the
proper allow statements to open just that hole for the web ports open, 80
and 443. Perhaps other rules to open ssh from only those sites you might
have to remotely access the system.

Thanks,

Ron DuFresne

On Tue, 6 Aug 2002, Alicianiah Cherry wrote:

> Just goes to show my inexperience with Linux - issuing the ipchains -F
> input command cleared the firewall rules and now SSL connections work
> GREAT! Thanks to you all for your time and many responses. I will be
> quite busy today as I am moving a web app off a Win2K box and on to Linux -
> the SSL problem was the only thing holding me up. Apache seems to handle
> SSL connections much faster than IIS.
>
> Any help or suggestions you might offer in terms of advice on selecting a
> CA, as well as recommended upgrades for Apache or mod_ssl would be greatly
> appreciated. THANKS AGAIN!
>
> Alicia Cherry
> Systems Administrator
> RiverStone Counseling
>
> -----Original Message-----
> From: Maurizio Marini [SMTP:maumar@datalogica.com]
> Sent: Monday, August 05, 2002 10:37 PM
> To: modssl-users@modssl.org
> Subject: Re: Problem Connecting via https Over Network and Internet
>
> > negating a firewall issue, I would think.
>
> why do u thik this? have you tried to clear your firewall rules, before to
> say
> this? if not, do it issuing as root: # ipchains -F input
> by default RedHat 7.3 install ipchains
> in any case, send us output of ipchains -L -n (or the output of iptables
> -L
> -n if u have configured iptables in your box)
>
>
> -- maumar
>
> ____________________________________________________________ __________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List modssl-users@modssl.org
> Automated List Manager majordomo@modssl.org
> ____________________________________________________________ __________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List modssl-users@modssl.org
> Automated List Manager majordomo@modssl.org
>

--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior security consultant: sysinfo.com
http://sysinfo.com

"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
-- Johnny Hart

testing, only testing, and damn good at it too!

____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org