Snort mailing list archives

RE: WG: Demarc Security Update Advisory

From: Ryan Hill <rhill () xypoint com>
Date: Thu, 18 Apr 2002 14:05:46 -0700

Ben,

Although I can't address your question, I just wanted to let you know that
I'm sure the demarc folks would love feedback about your installation
problems at support () demarc com.  They are generally very good about
responding to help requests, even if you haven't yet purchased the product
from them.

I also installed the new version yesterday on a FreeBSD 4.5-STABLE system
and only had one minor problem with the new installer (permissions settings
on mysql data directories) which was easily remedied.  The rest of the
installation went smoothly and I was up and running in about 30 minutes with
the full snort-1.8.6,mysql,apache,demarc combination.  Compared to the 7-8
hour ordeal (yes, *nix's are still an ordeal to me!) of getting all the
necessary requirements put together manually on a new system, I very much
welcomed the installer!

I do miss the complete instruction guide that was provided on the old site
though...

Regards,

Ryan Hill, MCSE 
Manager, Technical Support (aka IT Ninja)
Corporate Information Systems
TeleCommunication Systems, Inc. (TCS) - http://www.telecomsys.com
v: 206.792.2276 - f: 206.792.2001

-----Original Message-----
From: Fallon, Benjamin [mailto:bfallon () Businessedge com] 
Sent: Thursday, April 18, 2002 12:44 PM
To: 'Poppi, Sandro'; snort-users () lists sourceforge net
Subject: RE: [Snort-users] WG: Demarc Security Update Advisory

Anyone know where I can get a reliable copy of the old version?  I
downloaded the new version for M$ and installed it per 
instructions provided
and it doesn't work.  You can't even log into it.  Its still 
complaining
about missing files but it is still looking for them using a *nix file
system. (/usr/local........) It keeps complaining about the 
LICENSE file
being missing if you try to log in as the admin and then 
complains that
Main.html is missing if you log in as anonymous.  I've 
waisted enough time
and can't find my copy of the older versions.  Lesson 
learned?  IF IT AIN'T
BROKE, DON'T MESS WITH IT.

Thanks in advance,

Ben

-----Original Message-----
From: Poppi, Sandro [mailto:Sandro.Poppi () wacker com]
Sent: Wednesday, April 17, 2002 1:02 AM
To: snort-users () lists sourceforge net
Subject: [Snort-users] WG: Demarc Security Update Advisory

I thought this would be interesting for many readers of this list.

CU,
Sandro

-----Ursprüngliche Nachricht-----
Von: Demarc Security Support [mailto:support () demarc com]
Gesendet: Mittwoch, 17. April 2002 02:15
An: bugtraq () securityfocus com
Betreff: Demarc Security Update Advisory

______________________________________________________________
__________

                 Demarc Security Update Advisory
______________________________________________________________
__________

Subject:                1.05 login bypass advisory
Date:                   16 April, 2002
______________________________________________________________
__________

Earlier today we were informed indirectly via a bugtraq posting, of a
security issue in the 1.05 version of our software. While were already
scheduled to release version 1.6 of the software tomorrow, it 
is advised
that you apply the following official patch to your current 
installation.
On untrusted networks, the bug could lead to acquisition of
administrative privileges within the Console.

---------

--- demarc              Sun Nov 11 23:48:39 2001
+++ demarc-patched      Tue Apr 16 12:49:56 2002
@@ -6094,6 +6094,7 @@
 ################
 sub check_login{
 my ($session_id) = @_;
+$session_id=~tr/[a-zA-Z0-9]//dc;

 ($session_id) || return;
 &expire_sessions;

----------

This bug is not an issue with version 1.6 which is scheduled for
release on Wednesday 17 April, 2002.  Please visit the new web site,
which will also be launched tomorrow, to download this new version.

If you have any questions related to this bug, please email us at
support () demarc com

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

WG: Demarc Security Update Advisory Poppi, Sandro (Apr 16)
- <Possible follow-ups>
- RE: WG: Demarc Security Update Advisory Fallon, Benjamin (Apr 18)
- RE: WG: Demarc Security Update Advisory Ryan Hill (Apr 18)