Stop POODLE SSL (SSLv3 Vulnerability) Attacks on Apache

To stop the evil POODLE SSL attack on Apache, you need to disable the SSLv2 and SSLv3 protocols.

Add the following line of text to your apache.conf file, usually found in folder /etc/apache2

SSLProtocol All -SSLv2 -SSLv3

Run the apache configuration test command after doing this:

apachectl configtest

Then restart apache, the “hard” way:

/etc/init.d/apache2 stop
/etc/init.d/apache2 start

You are good to go!

 

Linux: How to Determine Cron-Execution-Time Environment Variable Values

Oftentimes it’s asked how to figure out which environment variables your cron scripts are running against.

The first step in doing so is the figure out exactly which shell cron is using.

/bin/sh is usually symbolically linked to bash on a variety of linux systems. Some Debian-based distros jave /bin/sh linked to dash (you can always run “ls -l /bin” to see such links).

To configure cron’s run-time environment in your shell scripts, add the following environment variables at the top of the cron tab. This will set the shell and $PATH, and it will also email you the output of STDOUT and STDERR as your script is executed.

SHELL=/bin/bash
MAILTO=me@me.com
PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin

To go a bit deeper in your investigations, you can have cron execute a Perl script (thanks to Po Petz for the code below). The following prints out your environment variable values. It shows you what is visible to cron at exeecution-time, and helps you figure out whether you need to make any adjustments to the cron environment (such as PATH or any special variables like $HOME or $JAVA_HOME).

#!/usr/bin/env perl
use warnings;
use strict;

my $filename = "$0.out"; # just tack on an ".out" to the name of this script

open my $filehandle, '>', $filename or die "Could not write to ' $filename ' : $!\n";

my $timestamp = scalar(localtime);
print $filehandle "Dumping environment values at $timestamp :\n";

# print out the whole environment
foreach my $key (sort (keys %ENV)) {
    print $filehandle "$key = $ENV{$key}\n";
}