[prev in list] [next in list] [prev in thread] [next in thread]
List: osiris
Subject: Re: [osiris] problem with http access
From: "Alexei Roudnev" <Alexei_Roudnev () exigengroup ! com>
Date: 2003-11-18 18:38:26
Message-ID: 028901c3ae03$2790ecd0$870ea8c0 () exigengroup ! com
[Download RAW message or body]
It is useful to have a separate document, such as 'few samples' or 'FAQ'. Of
course, documentation is not a state of art, but is is much better, than
many _commercial_ documentations. May questions are caused by the
inconvenient design solutions (numerous config names; separation of
push-config and start-scan commands; no 'list-hots' analog on WWW interface;
minor bugs in import).
----- Original Message -----
From: "Luke West" <luke@responsys.com>
To: "'Osiris Users'" <osiris@lists.shmoo.com>
Sent: Tuesday, November 18, 2003 12:53 AM
Subject: RE: [osiris] problem with http access
Brian,
(sorry reading through a load of older emails)
Is it worth writing a simple bit about fixing problems like these?
I've lost count of the number of times I've found flaws in networking setup
causing these types of errors. So the diagnostics could be integrated in to
the product.
E.g.
Unix
Grep `hostname` /etc/hosts
Nslookup/dig hostname, see if they are the same IP
Cat /etc/resolv.conf, /etc/nsswitch.conf
Netstat -nrv
NT
Ipconfig /all
Nslookup hostname, see if they match
Nslookup 'master server'
This sort of thing.
L
-----Original Message-----
From: Brian Wotring [mailto:brian@shmoo.com]
Sent: 13 November 2003 13:59
To: Osiris Users
Subject: Re: [osiris] problem with http access
Can you provide more details about your setup? Does the host where the
management console is installed have a fixed IP, or a hostname? Does
it have a firewall that is blocking port 2267? Is all of this being
done on the same host? If so, you can set the http_host to
'127.0.0.1'.
Most of the time, problems with the http setup have to do with
firewalls, hostnames, or the access control list. The management
console has a built in access control list that will only allow
connections from localhost by default. If you are trying to connect
with a browser from a different host, you will need to add that host's
address in the ACL. You can allow connections from any host by adding
"*" to the ACL. You can set the ACL in the management console config
('edit-mhost' command).
You don't need to install OpenSSL or anything like that. Let me know
if you are still having problems.
On Nov 12, 2003, at 11:36 PM, Peter.Frey@haufe.de wrote:
> Hi,
>
> Is there any trick how to access OSIRIS through http?
> It does not work for me, when I try to open the URL shown in the
> notification email, my web browser (IE6) starts but waits forever
> never coming back with a response.
>
> The notification mail says:
>
> If these changes are approved, visit the URL below to set the latest
> scan database to be the trusted database. ...
>
> <https://lap80069:2267?host=local&base_db=3>
>
>
>
> Also, I updated to Osiris 2.1 lately in the hope it would fix this
> problem, as I read the following in the announcement email ("[osiris]
> osiris-2.1 released" received on November 10th):
>
> - solidified email and www update system. Upon receiving a
> notification, user
> logs into management console, views the scan log, and can
> optionally update
> the trusted db. This allows for a little more verification of the
> emailed
> log data.
>
> How should I understand the reference to the "www update system"?
> It would be very nice if the osiris would allow me to see the scan
> logs with a web browser.
>
>
>
> My osirismd.conf also contains an empty http_host by default, but
> changing it to the name of the machine hosting the management host
> does not help.
>
> http_port = 2267
> http_host =
>
> Any prerequisits to make this work on Windows?
> Do I need to add an OpenSSL library for my management host (a windows
> XP pro system) or is it installed by osiris itself?
>
> Peter
>
>
>
>
>
> _______________________________________________
> osiris mailing list
> osiris@lists.shmoo.com
> https://lists.shmoo.com/mailman/listinfo/osiris
--
Brian Wotring ( brian@shmoo.com )
PGP KeyID: 0x9674763D
_______________________________________________
osiris mailing list
osiris@lists.shmoo.com
https://lists.shmoo.com/mailman/listinfo/osiris
_______________________________________________
osiris mailing list
osiris@lists.shmoo.com
https://lists.shmoo.com/mailman/listinfo/osiris
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic