I inherited a BASE/Snort box on WindowsXP from my predecessor. It never asks me for a username/password. As I can see how this machine could be used for ill-will, I'd like to secure it. Anybody know how I can turn authentication back on? I created a user, that didn't seem to help, as it still doesn't prompt for authentication.
I was wondering the same thing. Did you have any luck with this?
Sadly no, I haven't figured it out yet. I wish some expert would comment on this thread.
Hi, If it works the same way it does under linux then
1, Stop the snort service
2, Run snort from the command line with -A and it will request a new password
Just figured it out. You just have to set $Use_Auth_System = 1 in the base_conf.php file and afterwards it will prompt you for the password. I'm running a Linux box and in my case the file can be found in /etc/acidbase/ directory, don't know where it is on Windows.
Do you mean authentication within BASE? If so, its a config setting in the base_config.php file. Set that and refresh the page.
Sorry please ignore last reply, it's been a long day
What web server is being used on this machine,
what version of snort
That worked! Thanks! For anyone else who might need this, the base_conf.php has a line like this in it:
$Use_auth_system = 1;
This is under apache\htdocs\base
Needs to be set to 1 for authentication to work.