IPAUDIT install

rnf0528 · 07-16-2009, 08:22 AM

There are no changes to the logfile. SEULIX be causeing this?

unSpawn · 07-17-2009, 08:00 AM

Maybe SElinux, but I doubt SEULIX would be causing this. If it would you should see messages in audit.log or messages.

rnf0528 · 07-17-2009, 08:30 AM

Thats what I meant, I will disable it and try again.

unSpawn · 07-17-2009, 08:38 AM

OK, I'll hold. If that doesn't work I'll install -web and give it a go (as I only run ipaudit).

rnf0528 · 07-17-2009, 08:55 AM

That was the problem. Once I disabled it it worked like a camp. Thank you for the help.

rnf0528 · 07-17-2009, 09:15 AM

I do have one more question. I was reading articles in the forum and I seen where someone had a link to an article that showed how to password protect the web portion.Do you have any ideas, i am still looking for it

unSpawn · 07-17-2009, 09:37 AM

Quote:

Originally Posted by rnf0528

That was the problem. Once I disabled it it worked like a camp.

I'd rather you not disable SElinux as it is a proven good security enhancement. If the problem was with the "httpd_enable_homedirs" boolean you could set that and try again. If it was not then I would like to help you fix things. All you need to do is find related errors in /var/log/audit/audit.log.

Quote:

Originally Posted by rnf0528

link to an article that showed how to password protect the web portion.

http://wiki.linuxquestions.org/wiki/..._trusted_users has the basics else see http://www.howtoforge.org/htaccess_authentication or http://httpd.apache.org/docs/2.2/howto/htaccess.html ?

rnf0528 · 07-21-2009, 09:39 AM

Ok, Sounds good. I appreciate your help. I will enable it agian and then start posting error messages?

rnf0528 · 07-21-2009, 09:58 AM

Ok, I have enable SELINUX, and now all seems ok. But i have kept my firewall disabled. DO you think i need to reeanable the firwall as well, my only concern is that if the port is sending all that data and the firewall is on it will stop there.

rnf0528 · 07-21-2009, 12:20 PM

ok, The links you sent me worked perfectly to set a password. THANK YOU very much. My next step is to set up SSL on the already running apache server. I found this link http://www.securityfocus.com/infocus/1818 . DO i have to completely reinstall appache to get ssl working?

unSpawn · 07-21-2009, 01:59 PM

Sure, post any related error messages. I'm not sure I get your firewall question but if your firewall has default host rules of allowing SYN in for TCP/80 and ESTABLISHED,RELATED out, then the next initial request to the port should make it known to conntrack.

rnf0528 · 07-22-2009, 10:35 AM

Quote:

Originally Posted by rnf0528

ok, The links you sent me worked perfectly to set a password. THANK YOU very much. My next step is to set up SSL on the already running apache server. I found this link http://www.securityfocus.com/infocus/1818 . DO i have to completely reinstall appache to get ssl working?

I was able to get it working with everything enabled. NOw I am movingon to https. What do you think about my previous post?

unSpawn · 07-22-2009, 07:44 PM

Odd. I didn't see that post yesterday. No, if you already have the httpd package just 'yum -y install' the mod_ssl + distcache packages (or mod_nss + nss-tools). Alternatively you could use Stunnel for providing a SSL-enabled version for about any "plain" HTTP, FTP, POP, IMAP service.

rnf0528 · 07-23-2009, 01:24 PM

ok, Which is easier to install and manage? I have never heard of stunnel

unSpawn · 07-23-2009, 01:42 PM

I have no opinion over what is easier for you. They both aren't hard to install, configure or manage as long as you read the docs. If you have a single certificate all users may use for all IMAPS/POP3S/HTTPS/FTPS to that host then Stunnel might be easier. If your setup requires versatility only Apache can provide then by all means use mod_ssl. I just hope "never heard of" doesn't equal "F1! I can't find a searchengine to search the 'net with" ;-p