Enabling SSL on RedHat’s JBoss Enterprise Application Platform 5.1
Hi folks,
i’m writing this little note as “errata corrige” of HTTPS Configuration Chapter in RedHat JBoss EAP Installation Guide. If you follow the steps indicated there you will get a not working Tomcat’s istance: That’s because they are missing a step well explained in the Tomcat 6 SSL How To:
Shortly Tomcat can use two SSL Engine:
- the JSSE implementation provided as part of the Java runtime (since 1.4)
- the APR implementation, which uses the OpenSSL engine by default
the RedHat guide shows you how to use java keytool, which can be used with the JSSE implementation, but the default tomcat configuration in JBoss EAP 5.1 uses the APR implementation, that’s means if you would use the keytool and the keystore as i suggest you, you should change this line in <server-profile>/deploy/jbossweb.sar/server.xml
<Listener className=”org.apache.catalina.core.AprLifecycleListener” SSLEngine=”on” />
with this line
<Listener className=”org.apache.coyote.http11.Http11NioProtocol” SSLEngine=”on” />
for non-blocking ssl listener or with
<Listener className=”org.apache.coyote.http11.Http11Protocol” SSLEngine=”on” />
to obtain a blocking ssl listener.
After that you can easily follow the redhat guide.
Syscall Hijacking: Simple Rootkit (kernel 2.6.x)
Hi. In this post I’ll show you how to change the process credentials through kernel modules. In a such way you can make your own rootkit(s): i.e. when you performs a pre-established action, the module will give you a root access.
First of all we need to know where these credentials are kept: in the kernel versions < 2.6.29 we find all this informations in the “task_struct” structure. This structure is defined in “linux/sched.h”: Read more…
Syscall Hijacking: Kernel 2.6.* systems
In this guide I will explain how to hijack the syscall in kernel 2.6.*: in particular how to bypass the kernel write protection and the “protected mode” bit of the CR0 CPUs register.
I don’t explain what is a syscall or syscall table: I assume you know what it is.
Read more…
GNU C: Extensions to the C Language Family
Hi. Today I’ll talk about the extensions to the C language family introduced by the GNU C.
The GNU C provides several language features not found in ANSI standard C. These extensions are available both in C and C++. The `-pedantic’ option directs GNU CC to print a warning message if any of these features is used.
The list of these features is very long: often we use them implicitly. I will show to you only those I consider most useful and “strange”: Read more…