Securing the ACID Web Console
217
Figure 7 7 
The Policy Editor window with 
snort.conf
 settings.
7.3 Securing the ACID Web Console
As you have seen in Chapter 6, ACID is a very useful tool for viewing and managing
data generated by the Snort sensors. However, there is one issue that is not yet
resolved security of ACID. If the web server running ACID is not secure, anybody
can go to the ACID web pages and modify, archive, and delete data in the database
using ACID. As you have seen, the user name and password are hard coded in the
ACID configuration file 
acid_conf.php
 and the person viewing ACID web pages
does not need to know the database user name and password to delete information from
the database. There are multiple methods that you can adopt to achieve security.
7.3.1
Using a Private Network
There are different ways to make ACID secure. One way is to use a private net 
work for all Snort sensors and the centralized database server where ACID and Apache
are installed so that their IP addresses are not visible from the Internet. This scheme is
still vulnerable to the internal users who have access to this private network.






footer




 

 

 

 

 Home | About Us | Network | Services | Support | FAQ | Control Panel | Order Online | Sitemap | Contact

toronto web hosting

 

Our partners: PHP: Hypertext Preprocessor Cheap Web Hosting JSP Web Hosting Ontario Web Hosting  Jsp Web Hosting

Cheapest Web Hosting Java Hosting Cheapest Hosting

Visionwebhosting.net Business web hosting division of Vision Web Hosting Inc.. All rights reserved