« February 2012 | Main | April 2012 »

5 posts from March 2012


Apache Tomcat Connectors 1.2.35 Released

People who upgraded their systems to the recently released tomcat connectors 1.2.33 release experienced problems with crashes of IIS and Apache. The Apache Tomcat team released Tomcat Connectors 1.2.35 today, which fixes those problems.

The changelog list 4 fixes; two involving mod_jk on apache http server and two involving the isapi_redirect on IIS. You can download source and binaries from a Tomcat mirror.


Apache Tomcat Connectors 1.2.33 Released

UPDATE: 03/26/2012 - Apparently, there were quite a few problems caused by this version. Tomcat Connectors v1.2.35 was just released.

The Apache Tomcat team released version 1.2.33 today of the Tomcat Connectors, (which includes mod_jk for the Apache HTTP server and isapi_redirect.dll for IIS). The changelog lists some new functionality and some fixes supporting Apache HTTP Server 2.4 and Microsoft's IIS.

Based on the changelog, it looks like isapi_redirect.dll on IIS5/Windows 2000 is no longer supported as the mimimal supported version listed with 1.2.33 is Windows Server 2003 Service Pack 1 or Windows XP Service Pack 2.

This release also introduces a new load-balancing method called "Next", which emulates a more traditional round robin-style load-balancing algorithm.

Source and binaries are available for download from the nearest tomcat connector mirror.


CryptoNark 0.4.7 Released

This is the first new release in about 8 months and this version adds one new feature and one bug fix; both involving certificate and host name validation.

Previous versions of CryptoNark, when run with the --insecure switch, would exit if the host name scanned did not match the common name or subject alternative name bound to the certificate. This made it hard to do things like scan an IP address or scan a single host in a farm of servers to see what ciphers were enabled (or if cipher remediation steps were successful). Now, when the --insecure argument is given, cryptonark will not perform any host name or certificate validation at all, (but it will still perform a cipher scan).

New in this version is a cosmetic change. Previous versions of cryptonark would perform certificate and host name validation but would only output the common name of the certificate. This version now outputs the common name and any subject alternative names that are bound to the certificate.

The main cryptonark page has been updated to reflect this change history and you can download a copy from the Techstacks Downloads page. Thanks again for everyone who has given this tool a try! Please let me know of any issues by sending me a mail at techstacks [at] gmail [dot] com or via twitter @techstacks.