No Authentication Page

[mk64]

I inherited a BASE/Snort box on WindowsXP from my predecessor.  It never asks me for a username/password.  As I can see how this machine could be used for ill-will, I'd like to secure it.  Anybody know how I can turn authentication back on?  I created a user, that didn't seem to help, as it still doesn't prompt for authentication.

Thanks

[benny]

I was wondering the same thing. Did you have any luck with this?

Thanks

[mk64]

Sadly no, I haven't figured it out yet.  I wish some expert would comment on this thread.

[Mark heynes]

Hi, If it works the same way it does under linux then

1, Stop the snort service
2, Run snort from the command line with -A and it will request a new password

[benny]

Hi guys,

Just figured it out. You just have to set $Use_Auth_System = 1 in the base_conf.php file and afterwards it will prompt you for the password. I'm running a Linux box and in my case the file can be found in /etc/acidbase/ directory, don't know where it is on Windows.

Cheers

[Kevin Johnson]

Do you mean authentication within BASE?  If so, its a config setting in the base_config.php file.  Set that and refresh the page.

Kevin

[Mark heynes]

Sorry please ignore last reply, it's been a long day

What web server is being used on this machine,
what version of snort

[mk64]

That worked!  Thanks!  For anyone else who might need this, the base_conf.php has a line like this in it:

$Use_auth_system = 1;

This is under apache\htdocs\base
Needs to be set to 1 for authentication to work.