You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by "Kannan Narayanasamy -X (kannanar - HCL TECHNOLOGIES LIMITED at Cisco)" <ka...@cisco.com> on 2014/12/05 12:07:11 UTC
[users@httpd] Apache crashes on Qualys Scan
Hi Team,
While scanning the ports using Qualys scanner, Apache process is crashing. We can add the corresponding port in the exclude list but in customer scenario is not possible to exclude those ports from scanning. Is there any option is available to recover from this crashing.
Apache Details:
--------------------
Server version: Apache/2.2.22 (Win32)
Server built: Apr 11 2012 12:17:10
Can anyone help us on this part to resolve the issue?
Thanks,
Kannan Narayanasamy.
Re: [users@httpd] Apache crashes on Qualys Scan
Posted by "Rainer M. Canavan" <ra...@sevenval.com>.
On Dec 5, 2014, at 12:07 , "Kannan Narayanasamy -X (kannanar - HCL TECHNOLOGIES LIMITED at Cisco)" <ka...@cisco.com> wrote:
> Hi Team,
>
> While scanning the ports using Qualys scanner, Apache process is crashing. We can add the corresponding port in the exclude list but in customer scenario is not possible to exclude those ports from scanning. Is there any option is available to recover from this crashing.
>
> Apache Details:
> --------------------
> Server version: Apache/2.2.22 (Win32)
> Server built: Apr 11 2012 12:17:10
>
> Can anyone help us on this part to resolve the issue?
try getting a live backtrace of the crash, or a core dump and
analyze that:
http://httpd.apache.org/dev/debugging.html
There are some configuration options that can cause crashes in certain
configurations, e.g. "EnableMMAP on", but I don't know if Windows would
be affected by this.
rainer
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Apache crashes on Qualys Scan
Posted by Jeff Trawick <tr...@gmail.com>.
On Fri, Dec 5, 2014 at 6:07 AM, Kannan Narayanasamy -X (kannanar - HCL
TECHNOLOGIES LIMITED at Cisco) <ka...@cisco.com> wrote:
> Hi Team,
>
>
>
> While scanning the ports using Qualys scanner, Apache process is
> crashing. We can add the corresponding port in the exclude list but in
> customer scenario is not possible to exclude those ports from scanning. Is
> there any option is available to recover from this crashing.
>
>
>
> Apache Details:
>
> --------------------
>
> Server version: Apache/2.2.22 (Win32)
>
> Server built: Apr 11 2012 12:17:10
>
>
>
> Can anyone help us on this part to resolve the issue?
>
>
>
> Thanks,
>
> Kannan Narayanasamy.
>
>
>
Find the root cause. Maybe the scanner is checking for a known
vulnerability which causes a crash, and you need to upgrade.
Several procedures that should provide useful information:
1. Use the latest httpd 2.2.x and see if the problem still occurs.
2. Use mod_log_forensic (
http://httpd.apache.org/docs/2.2/mod/mod_log_forensic.html) to see which
request is triggering the crash, verify that it is the same request for
each scan run, then study the configuration and any third party modules
that would behave differently for that particular request.
3. Disable all third-party modules and see if the problem is still
reproduced. If not, add them back one by one to see which is the likely
culprit.
4. Use debugging tools (a crash dump or running the httpd.exe child process
under a debugger while the problem is reproduced). You'll need .pdb files
(debugging symbols) for your httpd for this to be practical.
--
Born in Roswell... married an alien...
http://emptyhammock.com/