Re: [sleuthkit-users] Autopsy over SSL?
Brought to you by:
carrier
Menu
▾
▴
Re: [sleuthkit-users] Autopsy over SSL?
|
From: Brooks, P. <pre...@tw...> - 2006-08-21 21:23:12
|
Yes, that works as well, but requires that all users of autopsy have =
shell access to the system. The apache solution provides a mechanism by =
which you can provide a means for users who may not be as proficient =
with ssh and other unix based commands.
I have actually used a combination of those mechanisms to create a =
distributed forensic environment. We had situations where a single case =
spanned several systems and we wanted a single interface into each. By =
setting up ssh tunnels to the autopsy daemons running on each forensic =
host, we were able to use different proxy paths on the apache server to =
allow us to easily step from one system to the other. This also made it =
easier for several investigators to work at the same time and provided =
for a strong authentication mechanism to boot.
-----Original Message-----
From: sle...@li... on behalf of Angus =
Marshall
Sent: Mon 8/21/2006 5:16 PM
To: sle...@li...
Subject: Re: [sleuthkit-users] Autopsy over SSL?
=20
A little idea for everyone - how about running it using SSH rather than =
HTTPS ?=20
I've just tried=20
ssh -L 1234:127.0.0.1:9999 amarshall@myhost=20
to log in to one of my workstations and launch autopsy
and then aimed a browser on the remote workstation to =
http://localhost:1234/autopsy
it works - my autopsy session on "myhost" is visible to the remote =
machine and
totally dependent on the ssh tunnel existing between the two hosts.=20
This gives a transient session, requiring an authentication process from =
the
remote end.
On Mon Aug 21 21:01 , 'Brooks, Prentis' <pre...@tw...> =
sent:
>Here is a sample from the apache 2.2 documentation that I have modified =
to
reflect how I did this before. These commands have not changed since =
2.0, so
this will work.
>
>ProxyRequests Off
>
># This is to control access, I highly recommend configuring apache to =
require
some level of authentication before=20
># proxying the connections.
>
>Order deny,allow
>Allow from all
>
>
>ProxyPass /autopsy http://127.0.0.1/autopsy
>ProxyPassReverse /autopsy http://127.0.0.1/autopsy
>
>=20
>
-------------------------------------------------------------------------=
Using Tomcat but need to do more? Need to support web services, =
security?
Get stuff done quickly with pre-integrated technology to make your job =
easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache =
Geronimo
http://sel.as-us.falkag.net/sel?cmd=3Dlnk&kid=3D120709&bid=3D263057&dat=3D=
121642
_______________________________________________
sleuthkit-users mailing list
https://lists.sourceforge.net/lists/listinfo/sleuthkit-users
http://www.sleuthkit.org
|
