Snort mailing list archives
RE: RE: Snort on Acid instructions
From: "Michael Steele" <michaels () silicondefense com>
Date: Sat, 15 Jun 2002 09:28:22 -0700
Wally, Go into Internet Information Services in the Administrative Tools. You should see the name of your server and a "+" beside that, click the "+" and open IIS up. In there you should see FTP Sites, and Web Sites. Click on the "+" next to the Web Sites and it will open up showing all the websites you have. Right click on the Default Web Site and select properties. That will pop up a window called Default Web Site Properties. At that point select the Directory Security tab. Next you will see one option in the middle of that window with a combination lock showing, ad you will want to select the edit button. A window called "IP Address and Domain Name Restrictions" will pop up. In there you will find two options: Granted Access: By Default all computers will be granted access Denied Access: Except those listed below You will want to make sure to click the radio button for "Denied Access" and select the Add button to allow any IP Address in that you choose. If you leave blank, then nobody gets in. I believe you don't need to add localhost, but if you can't get to the Acid site from your browser on localhost then go back and add 127.0.0.1 to the "except those listed below" list. Michael Steele | System Engineer / Support Technician mailto:michaels () silicondefense com Silicon Defense: IDS solutions - http://www.silicondefense.com Snort: Open Source Network IDS - http://www.snort.org -----Original Message----- From: Auteria Wally Winzer Jr. [mailto:wally.winzer () ChampUSA COM] Sent: June 14, 2002 7:20 PM To: Michael Steele Cc: Auteria Wally Winzer Jr. Subject: Re: [Snort-users] RE: Snort on Acid instructions Hey Michael, I'd like to get that info from you, if you don't mind regarding absolute for IIS. Thanks. Wally Winzer Jr. ----- Original Message ----- From: "Michael Steele" <michaels () silicondefense com> To: <snort-users () lists sourceforge net> Sent: Friday, June 14, 2002 18:56 Subject: [Snort-users] RE: Snort on Acid instructions
William, You can restrict all IP's if you are using IIS. This is not documented in my walk thru for Snort on Acid using IIS here: http://www.silicondefense.com/techsupport/winsnortacid-iis_1.8.7.htm You can deny all except localhost if you're using Apache. This is documented in my online walk thru for Snort on Acid using Apache here:
http://www.silicondefense.com/techsupport/winsnortacid-apache_1.8.7.htm
Both of those are absolute, nobody gets in from the outside. I can give you an absolute for IIS if you want that? Michael Steele | System Engineer / Support Technician mailto:michaels () silicondefense com Silicon Defense: IDS solutions - http://www.silicondefense.com Snort: Open Source Network IDS - http://www.snort.org -----Original Message----- From: William Minnis [mailto:wminnis () nac nu ca] Sent: June 14, 2002 1:13 PM To: michaels () silicondefense com Subject: Snort on Acid instructions Afternoon Michael - Let me commend you on the instruction set. It really helped during my install of Snort on Acid. One question. Is there an issue with the username and password combo snort / snort? Not being too terribly familiar with mysql, is there a way to ensure that
no
one can connect to the database except from the localhost or console? Or would you simply recommend removing the snort user and creating my own? Thanks for your thoughts, William William Minnis Manager, Information Services Nunavut Arctic College Iqaluit, Nunavut wminnis () nac nu ca 867.979.4660 Tel 867.975.1566 Cel 867.979.4681 Fax _______________________________________________________________ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas -
http://devcon.sprintpcs.com/adp/index.cfm?source=osdntextlink
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
_______________________________________________________________ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas - http://devcon.sprintpcs.com/adp/index.cfm?source=osdntextlink _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- RE: Snort on Acid instructions Michael Steele (Jun 14)
- <Possible follow-ups>
- RE: RE: Snort on Acid instructions Michael Steele (Jun 15)