Snort mailing list archives
Re: Patch for ACID....!!
From: Saad Kadhi <bsdguy () docisland org>
Date: 12 Jan 2002 16:43:44 +0100
On Sat, 2002-01-12 at 13:34, kamesh_rajaram () sify com wrote:
Hi ACID users...!!
This is with respect to the product ACID (Version 0.9.6b19 ). I feel that
an authentication procedure is required for the users of this console (Like what
DEMARC has). Since i am planing to use ACID...i feel the need for
authentication. Is there a patch already available..?? Else, i am planning to
develop that module as a patch...I seek ur advice on this issue. This mail is
to avoid any duplication of work in that area. Mail back to me in
leisure...Seeking ur kind co-operation in this regard.
I'm a bit confused w/ your post. What kind of authentication are you seeking ? to run ACID, you need a webserver that can run php. & nowadays, all webservers support some kind of authentication or another. For example, let's take Apache. There is .htaccess, digest,mod_auth_db, mod_auth_dbm & many other types of authentication. So why the heck do we need a "supplemental" ACID-only authentication module since there is already a truckload of methods for Apache itself ? & If you don't want to go into big hassles configuring Apache to support authentication for the $wwwdir/acid directory, you can use ssh port forwarding as a mean to authenticate the admins. Here is how I do it: 1. configure apache to listen only to loopback address. For example: localhost on port 8888 (that way you avoid Apache initially starting as root since port >=1024) 2. generate a dsa key to use w/ your favorite openssh server installed on the same box as apache 3. put in your local .ssh/config file sth like the following for the apache server: [snip] Host acid.test.com [snip] LocalForward 8888 localhost:8888 [snip] 4. now open a session to acid.test.com 5. open your browser & type: http://localhost:8888 If this is not a *strong* authentication of sorts, then I don't see your point Kamesh. Regards. -- /Saad -- [bsdguy () docisland org] [pgp keyid: 35592A6D http://pgp.mit.edu] # buy a geek-in-a-can, point nozzle at technical problem and spray # if desesperate degauss your screen. it might solve your pb as well _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Patch for ACID....!! kamesh_rajaram (Jan 12)
- Re: Patch for ACID....!! Saad Kadhi (Jan 12)
- RE: Patch for ACID....!! Frank Reid (Jan 13)
- RE: Patch for ACID....!! Saad Kadhi (Jan 13)
- UDP Alerts Frank Reid (Jan 13)
- Re: UDP Alerts Matt Kettler (Jan 14)
- RE: Patch for ACID....!! Frank Reid (Jan 13)
- Re: Patch for ACID....!! Saad Kadhi (Jan 12)