Pascal

HTTP 500 when trying http://winids

18 posts in this topic

Hello,

I completed the installation of WinSnort on Windows 7 64bit using the tutorial. After the machine rebooted, I started a browser session to http://winids and got this error:

The website cannot display the page
 
  HTTP 500
    
Most likely causes:
•The website is under maintenance.
•The website has a programming error.
 

I was careful to validate each step before moving to the next. I revisited the steps under "Configuring IIS for PHP, and the Windows Intrusion Detection Systems security console" and confirmed them. The PHP test passed successfully.

Do you have any suggestion?

Thank you.

Share this post


Link to post
Share on other sites

At this point in the tutorial you should be finished. To test php at this point the test.php file needs to be copied to the d:\winids\inetpub\wwwroot\base\ folder.

From the URL type: http://winids/test.php

What kind of response are you getting?

Share this post


Link to post
Share on other sites

I received the following:


The website cannot display the page
 
  HTTP 500
    
Most likely causes:
•The website is under maintenance.
•The website has a programming error.
    
What you can try:
   

  Refresh the page. 
   

  Go back to the previous page. 
  
 

Share this post


Link to post
Share on other sites

I only found one small item. I'm not sure because it appears that PHP is working because the test.php file runes as expected.

You might try renaming the base folder, extracting the base program using administrator privileges,  extract the signatures to the base folder per the tutorial, and copy the new config to the base folder.

base_conf .php

Share this post


Link to post
Share on other sites

I tried the following steps:

- Renamed base folder to base.old

- Ran D:\temp>unzip -oqq d:\temp\base-1.4.5.zip -d d:\winids\inetpub\wwwroot\base from d:\temp

- Copied base_config.php to new base folder

- Ran D:\temp>tartool d:\temp\opensource.tar.gz d:\winids\inetpub\wwwroot\base\signatures

- Confirmed default document for default website is base_main.php

I'm still getting the same http 500 error.

Do you have any suggestions?

Best regards,

Pascal

Share this post


Link to post
Share on other sites

Zip up everything in the \inetpub\logs\LogFiles folder and attach.

Share this post


Link to post
Share on other sites

Did you run the modder.vbs file, and allow it to reboot by itself?

Share this post


Link to post
Share on other sites

It won't hurt to run it again. It could take up to 10 min. to automatically reboot. Don't intervene.

Share this post


Link to post
Share on other sites

I ran the modder.vbs file again and got a series of Open File - Security Warning windows with the option to select Run or Cancel. I got prompted twice for each executable. The prompts were for these executable files:

- vcredist_2010-x86.exe

- vcredist_2010-x64.exe

- vcredist_2012-x86.exe

- vcredist_2012-x64.exe

It rebooted within two minutes.

I ran http://winids and got the same HTTP 500 error

Anything else I can try?

Share this post


Link to post
Share on other sites

I'm out of suggestions? Might try looking for the error through Google and see if something there helps.

Share this post


Link to post
Share on other sites

This error is caused by the way DISM works on "non-professional" versions. DISM is deprecated in new Windows server systems. You need to enable user authentication for Apache server and Base to have this work. That said, if you have a system that is already compromised (as I do) leaving this feature disabled prevents the hacker from changing your database. I have had several attempts at unauthorized db access in just a few minutes on line, visible in the barnyard window. I am also running windump just so I can watch current activity, since by2 records the data but is NOT designed to update its display in real time. My hackers, or snort, prevent apps like wireshark from doing a full capture.

Share this post


Link to post
Share on other sites

Winsnort.com only supports specific versions of Windows which are posted in each tutorial. If a non-supported version are used then there may be quirks. There is no way for Winsnort.com to verify this, but this error 500 could be related to other issues.

DISM is available in Windows 10, as it is with Server 2016.

Once the install is completed it is recommended to close any holes and setup whatever it takes to secure the Windows Intrusion Detection System (WinIDS).

If you want to write up short tip in securing the Apache Webserver, and Barnyard2 I think it could be of use to some users. If you do and it's something a novice could do during the install. I could add it to the tutorials. I'm really trying to stay away from some of this advanced stuff because it does cause additional work, and problems.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now