Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <3E30FD8F.7040206@ifrance.com>
Date: Fri, 24 Jan 2003 09:47:11 +0100
From: Estrade Matthieu <estrade-m@...ance.com>
To:  owl-users@...ts.openwall.com
Subject: Re: RE : First install



Solar Designer wrote:

>On Fri, Jan 24, 2003 at 12:40:05AM +0100, Estrade Matthieu wrote:
>  
>
>>I setup too my network card and did some stuff with. Sometimes, I get
>>"neighbour overflow", I dunno what it is...
>>    
>>
>
>This sounds like a network driver problem, but with so little detail I
>can't even grep kernel sources for it appropriately.
>  
>
I didn't setup a loopback, so maybe it's why i got this error message

>  
>
>>Anyway, I am happy with this new system... which is very clean.
>>I will now try to compile apache as you wrote in the TODO file.
>>You are requiring apache 1.3.x so now 1.3.27 but why not 2.0 ?
>>    
>>
>
>Russian Apache is still based on 1.3.x (and I think that's for some
>reasons not limited to the extra effort it'd take to update it).  I
>don't want to maintain two versions.
>
>  
>
>>2.0 is more secure
>>    
>>
>
>Is it?  (I don't care about its properties on Win32.)
>  
>
yep, i think it is because if you look all the problem there were last 
month (OpenSSL and chunk exploits), all the exploits you can find, 
giving remote shell, are only on apache 1.3.
apache 2.0 was only vuln to Denial of services and more difficult to 
exploit. but maybe i don't get all the existing exploits...

>>and really more powerfull than 1.3.x.
>>    
>>
>
>What specific features of 2.0 do you think would benefit Owl users?
>  
>
right, apache 2.0 is more powerfull because of many points.

1- his architecture, he can provide actually 3 working mode (mpm = multi 
processing modules)
            - prefork, like apache 1.3, working with forked server.
            - worker, a new mode, stable and powerfull, working with 
dynamic forked server containing static threaded child.
            - perchild, closed to be stable, working with dynamic 
threaded server containing dynamic thread child.

2- The caching features are really good too, a new module caching 
documents and serving it from RAM is powerfull.

3- lots of modules available, like deflate (free compresssion data 
module) which increase performance too.

4- The reverse proxy mode, working fine and doing real HTTP/1.1 instead 
of apache 1.3 doing fake HTTP/1.1
so now apache 2.0 in reverse proxy mode can proxy all kind of 
authentication.
The reverse proxy for protecting web is now used a lot and it's fashion :)))

5- The apache 2.0 and apr api are more user friendly and provide stuff 
to make more easy modules developpement (filters, bucket brigades etc...)
It's possible to do all you want without modifying the apache core

there is a lot of good point making apache 2.0 better than apache 1.3 
but i can't remember all at the same time :)
when i will find more, i will add it in a list :)

>  
>
>>I will try to compile both.
>>    
>>
>
>  
>
m.e



Content of type "text/html" skipped

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.