Registrations to Open-AudIT forums are now closed. To ask any new questions please visit Opmantek Community Questions.

Open-AudIT

What's on your network?
It is currently Thu Mar 28, 2024 9:46 pm

All times are UTC + 10 hours




Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 20 posts ]  Go to page Previous  1, 2
Author Message
 Post subject:
PostPosted: Thu Jul 27, 2006 8:43 am 
Offline
Newbie

Joined: Thu Jul 27, 2006 3:33 am
Posts: 8
Location: Houston, TX
[quote="d.l.dave"]I would have thought that you could get the ie submit method to work over ssl without any code changes.

The yesxml method may or may not work. But you can increase your chances by making sure the server certificate is signed by a known certificate authority.

Remember that this will only stop people from snooping the data that gets sent to the Open-Audit server by your clients. It won't stop people from accessing the Open-Audit site from anywhere else unless you take other precautions.

It also won't stop anyone from connecting to the Open-Audit page and submiting whatever random data they feel like.


well the idea is to have what ever script (audit.vbs?) run silently in the background and post the goods via https. i understand the app issue, i can firewall things off to where if src adder does not = what i say, deny. these hosts are behind nat gateway and all share 1 adder per site.

Top
 Profile  
 
 Post subject:
PostPosted: Thu Jul 27, 2006 6:14 pm 
Offline
Moderator

Joined: Sat Mar 04, 2006 2:44 am
Posts: 193
Cool. I was hoping you would say all that!


Top
 Profile  
 
 Post subject: https support
PostPosted: Thu Jul 27, 2006 8:24 pm 
Offline
Moderator
User avatar

Joined: Tue Jan 25, 2005 3:09 am
Posts: 2140
Location: Scotland
I added VERY basic https support to Winventory, see the following post

http://www.open-audit.org/phpbb2/viewtopic.php?t=974

Once things settle down I will do the same for open-audit, but the method used in this post should work.

NOTE: Apache / IIS must support https for this to work. If you use XAMPP or similar it should work as described in the post.


Top
 Profile  
 
 Post subject: Re: https support
PostPosted: Fri Jul 28, 2006 2:08 am 
Offline
Newbie

Joined: Thu Jul 27, 2006 3:33 am
Posts: 8
Location: Houston, TX
[quote="A_Hull"]I added VERY basic https support to Winventory, see the following post

http://www.open-audit.org/phpbb2/viewtopic.php?t=974

Once things settle down I will do the same for open-audit, but the method used in this post should work.

NOTE: Apache / IIS must support https for this to work. If you use XAMPP or similar it should work as described in the post.


that looks good, dosent look very complicated. thx. i hope to see this a little more refined in the future :D

Top
 Profile  
 
 Post subject:
PostPosted: Wed Nov 29, 2006 6:35 am 
Offline
Newbie

Joined: Wed Nov 29, 2006 5:00 am
Posts: 2
Is this implemented in the latest download or do I need to edit my own code?

I would like to use Open-Audit to audit remote customer sites as above using a .htaccess to restrict which NAT'd sites can submit to the server and then transmit the data over https:


Top
 Profile  
 
Display posts from previous:  Sort by  
Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 20 posts ]  Go to page Previous  1, 2

All times are UTC + 10 hours


Who is online

Users browsing this forum: No registered users and 2 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group