Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: cannot authenticate to MSSQL database from BASE

From: "Michael Steele" <michaels () winsnort com>
Date: Mon, 6 Feb 2012 17:44:43 -0500
I think you are so far past what he can do, but maybe not? It was depicted
as if he used the install guide from Winsnort.com. If he installed SQL
Server for SSL then the SQL Server was not installed as described in the
guide. 

 

Kindest regards,

Michael...

 

WINSNORT.com Management Team Member

--

****************** Established ~ 2001 *******************

*          Visit Us @  <http://www.winsnort.com> http://www.winsnort.com
*

*      ~~ FREE WinIDS Snort installation guides ~~      *

*               ~~ FREE support forums ~~               *

* Snort: Open Source Network IDS -  <http://www.snort.org>
http://www.snort.org *

*********************************************************

 

From: Billy Marshall [mailto:Billy.Marshall () state co us] 
Sent: Monday, February 06, 2012 3:57 PM
To: 'tadios tefera'; Michael Steele
Cc: snort-users () lists sourceforge net
Subject: Re: [Snort-users] cannot authenticate to MSSQL database from BASE

 

Not sure but it starting to sound like a CA certificate issue not an
encryption issue. Hope the following helps

 

http://support.microsoft.com/kb/318605

 

Install the public key in the client server.  

For the client to request the SSL encryption, the client computer must trust
the server certificate and the certificate must already exist on the server.
You have to use the MMC snap-in to export the Trusted Root Certification
Authority used by the server certificate:

1.       To export the server certificate's Trusted Root Certificate
Authority (CA), follow these steps:
a.       Open MMC, and then locate your certificate in the Personal folder.
b.      Right-click the certificate name, and then click Open.
c.       Review the Certification Path tab. Note the top most item.
d.      Navigate to the Trusted Root Certification Authorities folder, and
then locate the Certificate Authority noted in step c..
e.      Right-click CA, point to All Tasks, and then click Export.
f.        Select all the defaults, and then save the exported file to your
disk where the client computer can access the file.
1.       Follow these steps to import the certificate on the client
computer:
a.       Navigate to the client computer by using the MMC snap-in, and then
browse to the Trusted Root Certification Authorities folder.
b.      Right-click the Trusted Root Certification Authorities folder, point
to All Tasks, and then click Import.




"Michael Steele" <michaels () winsnort com> 2/3/2012 8:34 AM >>>


Did you use the SQL Server software pack provided on Winsnort.com?

Was it installed using the guide on Winsnort.com?

 

Kindest regards,

Michael...

 

WINSNORT.com Management Team Member

--

****************** Established ~ 2001 *******************

*          Visit Us @  <http://www.winsnort.com> http://www.winsnort.com
*

*      ~~ FREE WinIDS Snort installation guides ~~      *

*               ~~ FREE support forums ~~               *

* Snort: Open Source Network IDS -  <http://www.snort.org>
http://www.snort.org *

*********************************************************

 

From: tadios tefera [mailto:ttefera () gmail com] 
Sent: Thursday, February 02, 2012 11:12 AM
To: Jeremy Hoel
Cc: Billy Marshall; snort-users () lists sourceforge net
Subject: Re: [Snort-users] cannot authenticate to MSSQL database from BASE

 

Yes, that is what it is showing, it is also several pages long.

 

So does anyone have any suggestions?

Is this a bug in the versions I am running?

 

PHP 5.2.17

adodb514

base 1.4.5

 

Also, in my original question, the MSSQL Server Log shows that a connection
is attempted but fails. The connection failure is indicated by the
following:

 

"Encryption is required to connect to this server but the client library
does not support encryption; the connection has been closed. Please upgrade
your client library. [CLIENT: 192.168.15.111]"

The specified IP is of the webserver that is hosting base, php and adodb.

 

What client library should I be using? and is there a way to specify
encryption in base_config.php or php.ini?

 



 

On Thu, Feb 2, 2012 at 10:30 AM, Jeremy Hoel <jthoel () gmail com> wrote:

When you run that page (test.php) does it display a lot of info about
php?  If it does, then it's working.  From your message it sounds like
it's showing

"<?php

   phpinfo();

?>"


IT should show something like this -
http://files.zend.com/help/Zend-Core/phpinfo_screen.png


On Thu, Feb 2, 2012 at 3:23 PM, tadios tefera <ttefera () gmail com> wrote:

How can I confirm php is executing?

Per the documentation on Winsnort.com on how to setup snort and Base on
Windows, I have followed the test procedure to verify that php is

executing.

the procedure states, to place a test.php file in c:\inetpub\wwwroot\base.
The from a browser to execute test.php by http://ServerName/base/test.php
Test.php contains the following:
<?php

    phpinfo();

?>

The outcome on my browser is what is expected per the documentation on
Winsnort.com; it is a table showing php version, system, build date,
configure command, server api, etc....

Is this not a sufficient way to confirm that php is executing?




On Thu, Feb 2, 2012 at 10:04 AM, Jeremy Hoel <jthoel () gmail com> wrote:


Err.. sorry.  Got cut off at work

php is not parsing the file correctly.. it's not being interpreted by
the web server.



On Thu, Feb 2, 2012 at 3:03 PM, Jeremy Hoel <jthoel () gmail com> wrote:

if you just see the text of the php file and not the rendered version,
then php isn't executing..

On Wed, Feb 1, 2012 at 10:43 PM, tadios tefera <ttefera () gmail com>
wrote:

I am new to php and base...
How exactly should I be using this test?
If I save it as testing.php in the c:\inetpub\wwwroot\base, and

attempt

to
run it from a browser by http://ServerName/base/testing.php, i just

get

the
text content of the testing.php displayed in the browser.

any suggestions?



On Mon, Jan 30, 2012 at 4:29 PM, Billy Marshall
<Billy.Marshall () state co us>
wrote:


tad,

To test MSSQL basic connect using ADOdb is:


include('/path/to/set/here/adodb.inc.php');
$db =& ADONewConnection('odbc_mssql');

$dsn = "Driver={SQL Server};Server=localhost;Database=northwind;";
$db->Connect($dsn,'userid','password');

or if you prefer to use the mssql extension (which is limited to

mssql

6.5
functionality):

         $db =& ADONewConnection('mssql');

         $db->Execute('localhost', 'userid', 'password',

'northwind');




tadios tefera <ttefera () gmail com> 1/26/2012 4:02 PM >>>


not sure if my earlier message was delivered....

I have placed the connect.php file you attached in the "base" folder
on
the IIS server.

I have adjusted the authencitation info (password, etc...) for our

SQL

server:
$serverName = "SERVER-B";
$usr="snort";
$pwd="mypassword";
$db="snort";

And then I attempted to test by going to
http://SERVER-C/base/connect.php
; this is the reponse I got:
"Fatal error: Call to undefined function sqlsrv_connect() in
C:\inetpub\wwwroot\base\connect.php on line 11"

In my scenario, SERVER-B is the MSSQL server and SERVER-C is the IIS
server.

Am I using the connect.php DB connection test file as you

anticipated?


Thanks,

Tad.

On Mon, Jan 23, 2012 at 1:34 PM, tadios tefera <ttefera () gmail com>
wrote:


Thank you for your response Michael,
I have placed the connect.php file you attached in the "base" folder
on
the IIS server.
I have adjusted the authencitation info (password, etc...) for our
SQL
server:
$serverName = "SERVER-B";
$usr="snort";
$pwd="mypassword";
$db="snort";
And then I attempted to test by going to
http://SERVER-C/base/connect.php
; this is the reponse I got:
"Fatal error: Call to undefined function sqlsrv_connect() in
C:\inetpub\wwwroot\base\connect.php on line 11"
In my scenario, SERVER-B is the MSSQL server and SERVER-C is the IIS
server.
Am I using the connect.php DB connection test file as you
anticipated?
Thanks,
Tad.
On Sun, Jan 22, 2012 at 10:19 AM, Michael Steele
<michaels () winsnort com>
wrote:


You might be able to use the attached .php file to test the DB
connection and users credentials to the remote MSSQL database.

Kindest regards,

Michael...

WINSNORT.com Management Team Member

--

****************** Established ~ 2001 *******************

* Visit Us @ http://www.winsnort.com *

* ~~ FREE WinIDS Snort installation guides ~~ *

* ~~ FREE support forums ~~ *

* Snort: Open Source Network IDS - http://www.snort.org *

*********************************************************

From: tadios tefera [mailto:ttefera () gmail com]
Sent: Tuesday, January 17, 2012 11:31 AM
To: snort-users () lists sourceforge net
Subject: [Snort-users] cannot authenticate to MSSQL database from
BASE

Hi,

I have managed to get Snort 2.9.2 working on Windows 2008 R2
Servers.

The generated data from Snort is being placed in an mssql database.

My setup is as follows:

- Snort on a SERVER-A

- Database (MSSQL) on SERVER-B

- Web Portal (IIS7) on SERVER-C

But I am baffled as to how I can access the Snort data from the
database.

I have installed and configured base, adodb, and php on IIS7 and

all

indications are that the installs/configurations are correct.

When I access the "base" site from a browser: http://SERVER-C/base

,

I
get the following error:

------------------------------------------

Warning: mssql_connect() [function.mssql-connect]: Unable to

connect

to
server: SERVER-B in C:\WinIDS\adodb\drivers\adodb-mssql.inc.php on
line 556

Error connecting to DB : snort@SERVER-B

Check the DB connection variables in base_conf.php
= $alert_dbname : MySQL database name where the alerts are stored
= $alert_host : host where the database is stored
= $alert_port : port where the database is stored
= $alert_user : username into the database
= $alert_password : password for the username

------------------------------------------

I have verified numberous times that the dbname, host, port, user
and
password information are entered correctly in the base_conf.php
file.

I have also tried changing hostname with IP and resetting the
password
on the database instance with no luck.

I looked into the SQL server logs and it shows encryption is
required
for this communication. The exact error message in the mssql logs
is:

"Encryption is required to connect to this server but the client
library
does not support encryption; the connection has been closed. Please
upgrade
your client library. [CLIENT: 192.168.15.111]"

Client with IP 192.168.15.111 is SERVER-C.

My question is, how do I configure authentication encryption to
access
this database from Base?

Thanks,

Tad.













----------------------------------------------------------------------------
--

Keep Your Developer Skills Current with LearnDevNow!
The most comprehensive online learning library for Microsoft

developers

is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3,
MVC3,
Metro Style Apps, more. Free future releases when you subscribe now!
http://p.sf.net/sfu/learndevnow-d2d
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest
Snort
news!





 


------------------------------------------------------------------------------
Try before you buy = See our experts in action!
The most comprehensive online learning library for Microsoft developers
is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
Metro Style Apps, more. Free future releases when you subscribe now!
http://p.sf.net/sfu/learndevnow-dev2
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: