[Snort-users] Patch for ACID....!!

Saad Kadhi bsdguy at ...4401...
Sat Jan 12 07:46:03 EST 2002


On Sat, 2002-01-12 at 13:34, kamesh_rajaram at ...4543... wrote:
> Hi ACID users...!!
>        This is with respect to the product ACID (Version 0.9.6b19 ). I feel that
> an authentication procedure is required for the users of this console (Like what
> DEMARC has). Since I am planning to use ACID...I feel the need for
> authentication. Is there a patch already available..?? Else, I am planning to
> develop that module as a patch...I seek your advice on this issue. This mail is
> to avoid any duplication of work in that area. Mail back to me in
> leisure...Seeking your kind co-operation in this regard.
I'm a bit confused w/ your post. What kind of authentication are you
seeking? To run ACID, you need a webserver that can run PHP. &
nowadays, all webservers support some kind of authentication or another.
For example, let's take Apache. There is .htaccess, digest, mod_auth_db,
mod_auth_dbm & many other types of authentication. So why the heck do we
need a "supplemental" ACID-only authentication module since there is
already a truckload of methods for Apache itself ?

& If you don't want to go into big hassles configuring Apache to support
authentication for the $wwwdir/acid directory, you can use ssh port
forwarding as a means to authenticate the admins. Here is how I do it:
1. configure apache to listen only to loopback address. For example:
localhost on port 8888 (that way you avoid Apache initially starting as
root since port >=1024)
2. generate a dsa key to use w/ your favorite openssh server installed
on the same box as apache
3. put in your local .ssh/config file sth like the following for the
apache server:
[snip]
Host acid.test.com
[snip]
   LocalForward 8888 localhost:8888
[snip]
4. now open a session to acid.test.com
5. open your browser & type:
http://localhost:8888

If this is not a *strong* authentication of sorts, then I don't see your
point Kamesh.

Regards.
-- 
/Saad --  [bsdguy at ...4401...] 
[pgp keyid: 35592A6D http://pgp.mit.edu]
# buy a geek-in-a-can, point nozzle at technical problem and spray
# if desperate degauss your screen. it might solve your pb as well
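
A check for step 1 of the procedure above, as an added example that is not part of the original post: it parses Apache `Listen` directives and flags any that bind a non-loopback address (a bare `Listen 8888` binds every interface, which would make ACID reachable without the ssh tunnel) or a port below 1024. The sample configs and the function name `audit_listen` are constructed for illustration, and the check assumes the binding is set with `Listen` lines only.

```python
import ipaddress
import re

# Constructed sample httpd.conf fragments (not from the original post).
GOOD_CONF = """
# ACID console, reachable only through the ssh tunnel
Listen 127.0.0.1:8888
"""
BAD_CONF = """
Listen 127.0.0.1:8888
Listen 8888
Listen 192.0.2.10:80
Listen [::1]:8889
"""

# Listen [IP-address:]portnumber [protocol]; IPv6 addresses are bracketed.
LISTEN_RE = re.compile(
    r"^\s*Listen\s+(?:(\[[^\]]+\]|[^\s:]+):)?(\d+)(?:\s+\S+)?\s*$", re.I
)


def audit_listen(conf_text):
    """Return (line_no, directive, problem) for each risky Listen line."""
    findings = []
    for no, line in enumerate(conf_text.splitlines(), 1):
        m = LISTEN_RE.match(line)
        if not m:
            continue  # comment, blank line or another directive
        host, port = m.group(1), int(m.group(2))
        directive = line.strip()
        if host is None:
            findings.append((no, directive, "no address: binds every interface"))
        else:
            try:
                if not ipaddress.ip_address(host.strip("[]")).is_loopback:
                    findings.append((no, directive, "non-loopback address"))
            except ValueError:
                findings.append((no, directive, "not an IP literal: cannot confirm loopback"))
        if port < 1024:
            findings.append((no, directive, "privileged port: bind requires root"))
    return findings


if __name__ == "__main__":
    for finding in audit_listen(BAD_CONF):
        print("line %d: %s -> %s" % finding)
```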




