Securing ACID

Problem

You want to protect your ACID web page from unauthorized users.

Solution

Use the htpasswd command to create a password for the user acid. Make sure you use a strong password:

[root@localhost root]# mkdir /www/passwords

[root@localhost root]# /www/bin/htpasswd -c 

/www/passwords/passwords acid

New password:

Re-Type new password:

Adding password for user acid

Edit the /www/conf/httpd.conf file to include the following:


AuthType Basic

AuthName "SnortIDS"

AuthUserFile /www/passwords/passwords

Require user acid

Now restart the web server with the following command:

[root@localhost root]# /etc/init.d/httpd restart

The next time you access your ACID page, you will be prompted for the username and password.

Discussion

Securing your ACID database from unauthorized access is a great idea. Besides intruders having the ability to access the system and potentially cover their tracks, it keeps other inquisitive users from tampering with the database. The usernames and passwords are stored in the /www/passwords/passwords file. Although the passwords are encrypted, it is always a good idea to harden your system and protect it behind a perimeter firewall. If you are not the only person administering this system, it is a good practice to create separate usernames and passwords for each administrator to maintain accountability. Another consideration for securing ACID is to use SSL for encrypting the communications, especially the password authentication.

See Also

Recipe 5.6

Installing and Configuring Swatch

Installing Snort from Source on Unix

Logging to a File Quickly

How to Build Rules

Detecting Stateless Attacks and Stream Reassembly

Managing Snort Sensors

Generating Statistical Output from Snort Logs

Monitoring Network Performance

Index



Snort Cookbook
Snort Cookbook
ISBN: 0596007914
EAN: 2147483647
Year: 2006
Pages: 167

Flylib.com © 2008-2020.
If you may any questions please contact us: flylib@qtcs.net