RE: RE: Snort on Acid instructions

["Michael Steele" <michaels () silicondefense com>]

Wally,

Go into Internet Information Services in the Administrative Tools. You
should see the name of your server and a "+" beside that, click the "+"
and open IIS up. In there you should see FTP Sites, and Web Sites. Click
on the "+" next to the Web Sites and it will open up showing all the
websites you have. Right click on the Default Web Site and select
properties. That will pop up a window called Default Web Site
Properties. At that point select the Directory Security tab. Next you
will see one option in the middle of that window with a combination lock
showing, ad you will want to select the edit button. A window called "IP
Address and Domain Name Restrictions" will pop up. In there you will
find two options:

Granted Access: By Default all computers will be granted access

Denied Access: Except those listed below

You will want to make sure to click the radio button for "Denied Access"
and select the Add button to allow any IP Address in that you choose. If
you leave blank, then nobody gets in. I believe you don't need to add
localhost, but if you can't get to the Acid site from your browser on
localhost then go back and add 127.0.0.1 to the "except those listed
below" list.

Michael Steele | System Engineer / Support Technician     
mailto:michaels () silicondefense com
Silicon Defense: IDS solutions - http://www.silicondefense.com
Snort: Open Source Network IDS - http://www.snort.org


-----Original Message-----
From: Auteria Wally Winzer Jr. [mailto:wally.winzer () ChampUSA COM] 
Sent: June 14, 2002 7:20 PM
To: Michael Steele
Cc: Auteria Wally Winzer Jr.
Subject: Re: [Snort-users] RE: Snort on Acid instructions

Hey Michael, I'd like to get that info from you, if you don't mind
regarding
absolute for IIS.

Thanks.

Wally Winzer Jr.

----- Original Message -----
From: "Michael Steele" <michaels () silicondefense com>
To: <snort-users () lists sourceforge net>
Sent: Friday, June 14, 2002 18:56
Subject: [Snort-users] RE: Snort on Acid instructions


> William,
>
> You can restrict all IP's if you are using IIS. This is not documented
> in my walk thru for Snort on Acid using IIS here:
>
> http://www.silicondefense.com/techsupport/winsnortacid-iis_1.8.7.htm
>
> You can deny all except localhost if you're using Apache. This is
> documented in my online walk thru for Snort on Acid using Apache here:
http://www.silicondefense.com/techsupport/winsnortacid-apache_1.8.7.htm
> Both of those are absolute, nobody gets in from the outside.
>
> I can give you an absolute for IIS if you want that?
>
> Michael Steele | System Engineer / Support Technician
> mailto:michaels () silicondefense com
> Silicon Defense: IDS solutions - http://www.silicondefense.com
> Snort: Open Source Network IDS - http://www.snort.org
>
> -----Original Message-----
> From: William Minnis [mailto:wminnis () nac nu ca]
> Sent: June 14, 2002 1:13 PM
> To: michaels () silicondefense com
> Subject: Snort on Acid instructions
>
> Afternoon Michael -
>
> Let me commend you on the instruction set. It really helped during my
> install of Snort on
> Acid.
>
> One question. Is there an issue with the username and password combo
> snort / snort? Not
> being too terribly familiar with mysql, is there a way to ensure that
no
> one can connect
> to the database except from the localhost or console? Or would you
> simply recommend
> removing the snort user and creating my own?
>
> Thanks for your thoughts,
>
> William
>
>
>
> William Minnis
> Manager, Information Services
> Nunavut Arctic College
> Iqaluit, Nunavut
>
> wminnis () nac nu ca
> 867.979.4660    Tel
> 867.975.1566    Cel
> 867.979.4681    Fax
>
>
>
>
>
> _______________________________________________________________
>
> Don't miss the 2002 Sprint PCS Application Developer's Conference
> August 25-28 in Las Vegas -
http://devcon.sprintpcs.com/adp/index.cfm?source=osdntextlink
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users





_______________________________________________________________

Don't miss the 2002 Sprint PCS Application Developer's Conference
August 25-28 in Las Vegas - http://devcon.sprintpcs.com/adp/index.cfm?source=osdntextlink

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users