Securing the ACID Web Console


217


Figure 7 7 


The Policy Editor window with 


snort.conf


 settings.


7.3 Securing the ACID Web Console


As you have seen in Chapter 6, ACID is a very useful tool for viewing and managing


data generated by the Snort sensors. However, there is one issue that is not yet


resolved security of ACID. If the web server running ACID is not secure, anybody


can go to the ACID web pages and modify, archive, and delete data in the database


using ACID. As you have seen, the user name and password are hard coded in the


ACID configuration file 


acid_conf.php


 and the person viewing ACID web pages


does not need to know the database user name and password to delete information from


the database. There are multiple methods that you can adopt to achieve security.


7.3.1


Using a Private Network


There are different ways to make ACID secure. One way is to use a private net 


work for all Snort sensors and the centralized database server where ACID and Apache


are installed so that their IP addresses are not visible from the Internet. This scheme is


still vulnerable to the internal users who have access to this private network.








footer






  


 


 


        

 


 

  

    

      
      
 Home 
      | About Us | Network 
      | Services | Support 
      | FAQ | Control Panel 
      | Order Online |
      Sitemap | Contact

      

      toronto web hosting

      
 

    

  

  




Our partners: 
PHP: Hypertext Preprocessor Cheap Web Hosting
JSP Web Hosting
Ontario Web Hosting 
Jsp Web Hosting 




Cheapest Web Hosting
Java Hosting
Cheapest Hosting



Visionwebhosting.net Business web hosting division of Vision Web Hosting Inc.. All rights reserved