Snort mailing list archives
Demarc
From: "Bart Decker (DCS)" <info () dcs-stein nl>
Date: Sun, 27 Apr 2003 23:55:54 +0200 (W. Europe Daylight Time)
Hello all , After installing Demarc on my linux server , i'm not able to get to the console . When entering the right URL in my browser (windows XP IE6.x) i get notified about the certificate (security alert pop-up) . When clicking on yes to continue , it shows me only this : Forbidden You don't have permission to access /Demarc/PureSecure on this server. ----------------------------------------------------------------------------- -- Apache/1.3.27 Server at linux Port 443 I tried the demarc knowledge base , bit it doesn't containt some in depth information about the problem . It's saying i have to recheck my configuration for the proper settings . They all seem right to me . I've never worked with ssl , and i think it has something to do with setting up ssl properly . I really have no clue which settings to check .... Additional Logs : SSL_ENGINE.LOG , ERROR_LOG , ACCESS_LOG from apache log dir ...ow and ssl_request.log [27/Apr/2003 12:41:31 12848] [warn] Init: (linux:443) RSA server certificate CommonName (CN) `localhost' does NOT match server name!? [27/Apr/2003 12:42:49 12859] [info] Connection to child 0 established (server linux:443, client 192.168.0.2) [27/Apr/2003 12:42:50 12859] [info] Seeding PRNG with 1160 bytes of entropy [27/Apr/2003 12:42:50 12859] [info] Connection: Client IP: 192.168.0.2, Protocol: SSLv3, Cipher: RC4-MD5 (128/128 bits) [27/Apr/2003 12:42:53 12859] [info] Connection to child 0 closed with standard shutdown (server linux:443, client 192.168.0.2) [27/Apr/2003 12:44:42 12860] [info] Connection to child 1 established (server linux:443, client 192.168.0.2) [27/Apr/2003 12:44:42 12860] [info] Seeding PRNG with 1160 bytes of entropy [27/Apr/2003 12:44:42 12860] [info] Connection: Client IP: 192.168.0.2, Protocol: SSLv3, Cipher: RC4-MD5 (128/128 bits) [27/Apr/2003 12:44:42 12860] [info] Initial (No.1) HTTPS request received for child 1 (server linux:443) [27/Apr/2003 12:44:42 12860] [info] Connection to child 1 closed with unclean shutdown (server linux:443, client 192.168.0.2) ERROR_LOG : [Sat Apr 26 15:21:50 2003] [notice] Apache/1.3.27 (Unix) mod_perl/1.27 mod_ssl/2.8.11 OpenSSL/0.9.6g configured -- resuming normal operations [Sat Apr 26 15:21:50 2003] [notice] Accept mutex: sysvsem (Default: sysvsem) [Sat Apr 26 15:24:13 2003] [notice] caught SIGTERM, shutting down [Sat Apr 26 15:24:15 2003] [notice] Apache/1.3.27 (Unix) mod_perl/1.27 mod_ssl/2.8.11 OpenSSL/0.9.6g configured -- resuming normal operations [Sat Apr 26 15:24:15 2003] [notice] Accept mutex: sysvsem (Default: sysvsem) [Sat Apr 26 15:25:16 2003] [error] [client 192.168.0.2] File does not exist: /usr/local/www/htdocs/ps [Sat Apr 26 15:25:59 2003] [notice] caught SIGTERM, shutting down [Sat Apr 26 15:26:01 2003] [notice] Apache/1.3.27 (Unix) mod_perl/1.27 mod_ssl/2.8.11 OpenSSL/0.9.6g configured -- resuming normal operations [Sat Apr 26 15:26:01 2003] [notice] Accept mutex: sysvsem (Default: sysvsem) [Sat Apr 26 15:26:03 2003] [error] [client 192.168.0.2] File does not exist: /usr/local/www/htdocs/ps [Sat Apr 26 15:26:05 2003] [error] [client 192.168.0.2] File does not exist: /usr/local/www/htdocs/ps [Sat Apr 26 15:26:05 2003] [error] [client 192.168.0.2] File does not exist: /usr/local/www/htdocs/ps [Sat Apr 26 15:26:06 2003] [error] [client 192.168.0.2] File does not exist: /usr/local/www/htdocs/ps [Sat Apr 26 15:26:07 2003] [error] [client 192.168.0.2] File does not exist: /usr/local/www/htdocs/ps [Sat Apr 26 15:26:07 2003] [error] [client 192.168.0.2] File does not exist: /usr/local/www/htdocs/ps [Sat Apr 26 15:26:08 2003] [error] [client 192.168.0.2] File does not exist: /usr/local/www/htdocs/ps [Sat Apr 26 15:26:08 2003] [error] [client 192.168.0.2] File does not exist: /usr/local/www/htdocs/ps [Sat Apr 26 15:26:09 2003] [error] [client 192.168.0.2] File does not exist: /usr/local/www/htdocs/ps [Sat Apr 26 15:26:24 2003] [error] [client 192.168.0.2] File does not exist: /usr/local/www/htdocs/ps [Sat Apr 26 15:27:41 2003] [notice] caught SIGTERM, shutting down [Sat Apr 26 15:27:49 2003] [notice] Apache/1.3.27 (Unix) mod_perl/1.27 mod_ssl/2.8.11 OpenSSL/0.9.6g configured -- resuming normal operations [Sat Apr 26 15:27:49 2003] [notice] Accept mutex: sysvsem (Default: sysvsem) [Sat Apr 26 15:27:53 2003] [error] [client 192.168.0.2] File does not exist: /usr/local/www/htdocs/favicon.ico [Sat Apr 26 15:27:55 2003] [error] [client 192.168.0.2] File does not exist: /usr/local/www/htdocs/ps [Sat Apr 26 15:28:01 2003] [error] [client 192.168.0.2] File does not exist: /usr/local/www/htdocs/PS [Sat Apr 26 15:29:00 2003] [error] [client 192.168.0.2] File does not exist: /usr/local/www/htdocs/PS [Sat Apr 26 15:29:40 2003] [error] [client 192.168.0.2] File does not exist: /usr/local/www/htdocs/ps [Sat Apr 26 15:29:51 2003] [error] [client 192.168.0.2] File does not exist: /usr/local/www/htdocs/cgi-bin [Sat Apr 26 15:30:10 2003] [notice] caught SIGTERM, shutting down [Sat Apr 26 15:30:29 2003] [notice] Apache/1.3.27 (Unix) mod_perl/1.27 mod_ssl/2.8.11 OpenSSL/0.9.6g configured -- resuming normal operations [Sat Apr 26 15:30:29 2003] [notice] Accept mutex: sysvsem (Default: sysvsem) [Sat Apr 26 15:30:32 2003] [error] [client 192.168.0.2] File does not exist: /usr/local/www/htdocs/demarc [Sat Apr 26 15:32:27 2003] [notice] caught SIGTERM, shutting down [Sat Apr 26 15:36:58 2003] [notice] Apache/1.3.27 (Unix) mod_perl/1.27 mod_ssl/2.8.11 OpenSSL/0.9.6g configured -- resuming normal operations [Sat Apr 26 15:36:58 2003] [notice] Accept mutex: sysvsem (Default: sysvsem) [Sat Apr 26 15:38:24 2003] [notice] caught SIGTERM, shutting down [Sat Apr 26 15:39:11 2003] [notice] Apache/1.3.27 (Unix) mod_perl/1.27 mod_ssl/2.8.11 OpenSSL/0.9.6g configured -- resuming normal operations [Sat Apr 26 15:39:11 2003] [notice] Accept mutex: sysvsem (Default: sysvsem) [Sat Apr 26 15:55:46 2003] [notice] caught SIGTERM, shutting down [Sat Apr 26 15:55:51 2003] [notice] Apache/1.3.27 (Unix) mod_perl/1.27 mod_ssl/2.8.11 OpenSSL/0.9.6g configured -- resuming normal operations [Sat Apr 26 15:55:51 2003] [notice] Accept mutex: sysvsem (Default: sysvsem) [Sun Apr 27 12:40:33 2003] [notice] caught SIGTERM, shutting down [Sun Apr 27 12:40:47 2003] [notice] Apache/1.3.27 (Unix) mod_perl/1.27 mod_ssl/2.8.11 OpenSSL/0.9.6g configured -- resuming normal operations [Sun Apr 27 12:40:47 2003] [notice] Accept mutex: sysvsem (Default: sysvsem) [Sun Apr 27 12:41:31 2003] [notice] SIGHUP received. Attempting to restart [Sun Apr 27 12:41:31 2003] [notice] Apache/1.3.27 (Unix) mod_perl/1.27 mod_ssl/2.8.11 OpenSSL/0.9.6g configured -- resuming normal operations [Sun Apr 27 12:41:31 2003] [notice] Accept mutex: sysvsem (Default: sysvsem) ACCESS.LOG 192.168.0.2 - - [26/Apr/2003:15:27:53 -0700] "GET /favicon.ico HTTP/1.1" 404 285 192.168.0.2 - - [26/Apr/2003:15:27:55 -0700] "GET /ps HTTP/1.1" 404 276 192.168.0.2 - - [26/Apr/2003:15:28:01 -0700] "GET /PS HTTP/1.1" 404 276 192.168.0.2 - - [26/Apr/2003:15:29:00 -0700] "GET /PS HTTP/1.1" 404 276 192.168.0.2 - - [26/Apr/2003:15:29:40 -0700] "GET /ps HTTP/1.1" 404 276 192.168.0.2 - - [26/Apr/2003:15:29:45 -0700] "GET / HTTP/1.1" 200 2007 192.168.0.2 - - [26/Apr/2003:15:29:51 -0700] "GET /cgi-bin HTTP/1.1" 404 281 192.168.0.2 - - [26/Apr/2003:15:30:32 -0700] "GET /demarc HTTP/1.1" 404 280 192.168.0.2 - - [26/Apr/2003:15:30:36 -0700] "GET / HTTP/1.1" 200 2007 192.168.0.2 - - [26/Apr/2003:15:30:37 -0700] "GET /manual/index.html HTTP/1 1" 200 9465 192.168.0.2 - - [26/Apr/2003:15:30:37 -0700] "GET /manual/images/apache_header.gif HTTP/1.1" 200 4084 192.168.0.2 - - [26/Apr/2003:15:30:37 -0700] "GET /manual/images/index.gif HTTP/1.1" 200 1540 192.168.0.2 - - [26/Apr/2003:15:30:37 -0700] "GET /manual/images/pixel.gif HTTP/1.1" 200 61 192.168.0.2 - - [26/Apr/2003:15:30:49 -0700] "GET /manual/vhosts/index.html HTTP/1.1" 200 3274 192.168.0.2 - - [26/Apr/2003:15:30:49 -0700] "GET /manual/images/home.gif HTTP/1.1" 200 1465 192.168.0.2 - - [26/Apr/2003:15:30:49 -0700] "GET /manual/images/sub.gif HTTP/1.1" 200 6083 192.168.0.2 - - [27/Apr/2003:12:44:42 -0700] "GET /Demarc/PureSecure HTTP/1 1" 403 278 SSL_REQUEST.LOG [26/Apr/2003:15:16:16 -0700] 192.168.0.2 SSLv3 RC4-MD5 "GET /Console HTTP/1 1" 270 [26/Apr/2003:15:16:53 -0700] 192.168.0.2 SSLv3 RC4-MD5 "GET /images/index html HTTP/1.1" 280 [26/Apr/2003:15:17:01 -0700] 192.168.0.2 SSLv3 RC4-MD5 "GET /ps HTTP/1.1" 298 [26/Apr/2003:15:17:01 -0700] 192.168.0.2 SSLv3 RC4-MD5 "GET /Demarc/PureSecure HTTP/1.1" 284 [26/Apr/2003:15:21:55 -0700] 192.168.0.2 SSLv3 RC4-MD5 "GET /Demarc/PureSecure HTTP/1.1" 284 [26/Apr/2003:15:21:56 -0700] 192.168.0.2 SSLv3 RC4-MD5 "GET /Demarc/PureSecure HTTP/1.1" 284 [26/Apr/2003:15:21:57 -0700] 192.168.0.2 SSLv3 RC4-MD5 "GET /Demarc/PureSecure HTTP/1.1" 284 [26/Apr/2003:15:21:57 -0700] 192.168.0.2 SSLv3 RC4-MD5 "GET /Demarc/PureSecure HTTP/1.1" 284 [26/Apr/2003:15:21:57 -0700] 192.168.0.2 SSLv3 RC4-MD5 "GET /Demarc/PureSecure HTTP/1.1" 284 [26/Apr/2003:15:21:57 -0700] 192.168.0.2 SSLv3 RC4-MD5 "GET /Demarc/PureSecure HTTP/1.1" 284 [26/Apr/2003:15:21:57 -0700] 192.168.0.2 SSLv3 RC4-MD5 "GET /Demarc/PureSecure HTTP/1.1" 284 [26/Apr/2003:15:23:38 -0700] 192.168.0.2 SSLv3 RC4-MD5 "GET /Demarc/PureSecure HTTP/1.1" 284 [26/Apr/2003:15:23:39 -0700] 192.168.0.2 SSLv3 RC4-MD5 "GET /Demarc/PureSecure HTTP/1.1" 284 [26/Apr/2003:15:23:40 -0700] 192.168.0.2 SSLv3 RC4-MD5 "GET /Demarc/PureSecure HTTP/1.1" 284 [27/Apr/2003:12:44:42 -0700] 192.168.0.2 SSLv3 RC4-MD5 "GET /Demarc/PureSecure HTTP/1.1" 278
Current thread:
- Demarc Bart Decker (DCS) (Apr 28)