| *** ricardoamaro has quit (Ping timeout: 246 seconds) | 00:25 | |
| *** ricardoamaro (~ricardoam@drupal.org/user/74228/view) has joined #wikid | 09:17 | |
| *** ricardoamaro has quit (Read error: Connection reset by peer) | 09:50 | |
| *** ricardoamaro (~ricardoam@drupal.org/user/74228/view) has joined #wikid | 09:51 | |
| *** ricardoamaro has quit (Remote host closed the connection) | 13:24 | |
| *** ricardoamaro (~ricardoam@drupal.org/user/74228/view) has joined #wikid | 13:26 | |
| *** ricardoamaro has quit (Ping timeout: 265 seconds) | 13:38 | |
| *** nowen (~nowen@99-174-92-191.lightspeed.tukrga.sbcglobal.net) has joined #wikid | 14:02 | |
| *** ricardoamaro (~ricardoam@drupal.org/user/74228/view) has joined #wikid | 14:19 | |
| *** ricardoamaro has quit (Ping timeout: 252 seconds) | 15:20 | |
| *** ricardoamaro (~ricardoam@drupal.org/user/74228/view) has joined #wikid | 15:37 | |
| *** ricardoamaro has quit (Ping timeout: 246 seconds) | 15:42 | |
| nowen | Back after lunch people | 15:55 |
|---|---|---|
| *** nowen has quit (Quit: Leaving.) | 15:55 | |
| *** MO (49c79dbf@gateway/web/freenode/ip.73.199.157.191) has joined #wikid | 16:19 | |
| MO | hello | 16:20 |
| *** MO is now known as Guest93232 | 16:20 | |
| Guest93232 | nick? | 16:20 |
| Guest93232 | are you available? | 16:21 |
| Guest93232 | does anyone know if wikid is vulnerable to ghost, ntp, and freak vulnerabilities | 16:21 |
| Guest93232 | hello | 16:22 |
| *** ricardoamaro (~ricardoam@drupal.org/user/74228/view) has joined #wikid | 16:30 | |
| *** Guest93232 has quit (Quit: Page closed) | 18:09 | |
| *** mo (49c79dbf@gateway/web/freenode/ip.73.199.157.191) has joined #wikid | 18:10 | |
| *** mo is now known as Guest56563 | 18:11 | |
| *** nowen (~nowen@99-174-92-191.lightspeed.tukrga.sbcglobal.net) has joined #wikid | 18:18 | |
| joevano_ | Guest56563: nick is here now... | 18:29 |
| nowen | hi | 18:29 |
| joevano_ | he had a question... "does anyone know if wikid is vulnerable to ghost, ntp, and freak vulnerabilities" | 18:30 |
| nowen | Guest56563: can you be more specific? | 18:32 |
| laszlof | 3wrong guest. | 18:36 |
| laszlof | erm, nevermuind | 18:36 |
| nowen | ghost and freak, now | 18:55 |
| nowen | no | 18:55 |
| nowen | not sure what the ntp vuln is | 18:55 |
| nowen | but bad clocks tend to be bad for time-bound OTPs | 18:59 |
| Guest56563 | thanks nick | 19:08 |
| Guest56563 | here are cve for ntp vulnerabilities | 19:08 |
| Guest56563 | •CVE-2014-9293 | 19:08 |
| Guest56563 | •CVE-2014-9294 | 19:09 |
| Guest56563 | •CVE-2014-9295 | 19:09 |
| Guest56563 | •CVE-2014-9296 | 19:09 |
| nowen | Guest56563: The server runs on linux. our iso is based on centos, so if there's an update then we should be good | 19:11 |
| nowen | Guest56563: would you run the iso or your own linux box? | 19:16 |
| Guest56563 | i used your iso | 19:22 |
| nowen | ok - have you yum updated? | 19:23 |
| Guest56563 | no not recently | 19:23 |
| Guest56563 | how often should i run that | 19:23 |
| nowen | have you updated WiKID recently? What version are you running? | 19:24 |
| Guest56563 | wikid-server-enterprise-3.5.0-b1352 | 19:25 |
| Guest56563 | I plan on updating next week | 19:26 |
| nowen | oh my | 19:26 |
| nowen | haha | 19:26 |
| nowen | ok | 19:26 |
| nowen | who are you with? | 19:26 |
| Guest56563 | this mo from GlobeTax | 19:27 |
| nowen | oh, hey Mo! | 19:28 |
| nowen | good to see you | 19:29 |
| nowen | you can run yum update almost any time. but in particular if there's a known vuln | 19:29 |
| Guest56563 | should i run the before updating wikid or update wikid first or doesnt' matter | 19:31 |
| nowen | shouldn't matter - but you should take a snapshot beforehand just in case | 19:31 |
| Guest56563 | of course... thanks for reminder | 19:32 |
| Guest56563 | how would i go about updating wikid | 19:33 |
| nowen | https://www.wikidsystems.com/support/wikid-support-center/installation-how-tos/how-to-upgrade-your-wikid-strong-authentication-server | 19:34 |
| nowen | just download the latest rpms to the server and run 'rpm -Uvh wikid-*' | 19:34 |
| nowen | if you are running the iso, then you want the 32 bit utilities rpm | 19:35 |
| Guest56563 | how do i verify what i have | 19:37 |
| nowen | what rpms? | 19:39 |
| nowen | or verify the rpms you download? | 19:39 |
| Guest56563 | rpms i download | 19:42 |
| nowen | the latest server rpm has an md5sum of fea6262df557ac19e08b347ff53f73f9 (as on the download page) | 19:45 |
| nowen | download that file and run the command 'md5sum wikid-server-enterprise-4.0.1.b1821-1.noarch.rpm' | 19:45 |
| nowen | it should produce that same result | 19:45 |
| nowen | note that the web server is different than the download server so you would have to compromise both servers to change the software and md5 | 19:46 |
| Guest56563 | ok thanks i will give it a shot early next week. | 19:49 |
| Guest56563 | is it possible to use wikid on outlook web access | 19:49 |
| Guest56563 | or sharepoint | 19:50 |
| nowen | Guest56563: it depends on the version, but for the most part, you just need to put it behind something that supports RADIUS | 20:09 |
| *** ricardoamaro has quit (Quit: Leaving.) | 20:52 | |
| *** Guest56563 has quit (Quit: Page closed) | 21:40 | |
| *** ricardoamaro (~ricardoam@drupal.org/user/74228/view) has joined #wikid | 22:53 | |
| *** nowen has quit (Quit: Leaving.) | 23:04 | |
Generated by irclog2html.py 2.11.0 by Marius Gedminas - find it at mg.pov.lt!