Pascal Posted June 18, 2015 Report Posted June 18, 2015 Hello, I completed the installation of WinSnort on Windows 7 64bit using the tutorial. After the machine rebooted, I started a browser session to http://winids and got this error: The website cannot display the page HTTP 500 Most likely causes: •The website is under maintenance. •The website has a programming error. I was careful to validate each step before moving to the next. I revisited the steps under "Configuring IIS for PHP, and the Windows Intrusion Detection Systems security console" and confirmed them. The PHP test passed successfully. Do you have any suggestion? Thank you.
Morpheus Posted June 19, 2015 Report Posted June 19, 2015 At this point in the tutorial you should be finished. To test php at this point the test.php file needs to be copied to the d:\winids\inetpub\wwwroot\base\ folder. From the URL type: http://winids/test.php What kind of response are you getting?
Pascal Posted June 23, 2015 Author Report Posted June 23, 2015 I get a screen showing phpinfo() and a list of tables with configuration settings (result attached) testphp.pdf
Morpheus Posted June 24, 2015 Report Posted June 24, 2015 I get a screen showing phpinfo() and a list of tables with configuration settings (result attached) testphp.pdf What happens when you type from the URL: http://winids/base_main.php
Pascal Posted June 24, 2015 Author Report Posted June 24, 2015 I received the following: The website cannot display the page HTTP 500 Most likely causes: •The website is under maintenance. •The website has a programming error. What you can try: Refresh the page. Go back to the previous page.
Pascal Posted July 2, 2015 Author Report Posted July 2, 2015 Here is the base_conf.php file. Thank you. base_conf.php
Morpheus Posted July 4, 2015 Report Posted July 4, 2015 I only found one small item. I'm not sure because it appears that PHP is working because the test.php file runes as expected. You might try renaming the base folder, extracting the base program using administrator privileges, extract the signatures to the base folder per the tutorial, and copy the new config to the base folder. base_conf .php
Pascal Posted July 8, 2015 Author Report Posted July 8, 2015 I tried the following steps: - Renamed base folder to base.old - Ran D:\temp>unzip -oqq d:\temp\base-1.4.5.zip -d d:\winids\inetpub\wwwroot\base from d:\temp - Copied base_config.php to new base folder - Ran D:\temp>tartool d:\temp\opensource.tar.gz d:\winids\inetpub\wwwroot\base\signatures - Confirmed default document for default website is base_main.php I'm still getting the same http 500 error. Do you have any suggestions? Best regards, Pascal
Morpheus Posted July 8, 2015 Report Posted July 8, 2015 Zip up everything in the \inetpub\logs\LogFiles folder and attach.
Pascal Posted July 10, 2015 Author Report Posted July 10, 2015 Please find attached the LogFiles... Thank you. Inetpub logs.zip
Morpheus Posted July 10, 2015 Report Posted July 10, 2015 Did you run the modder.vbs file, and allow it to reboot by itself?
Pascal Posted July 13, 2015 Author Report Posted July 13, 2015 As I recall, I did. Should I run it again?
Morpheus Posted July 13, 2015 Report Posted July 13, 2015 It won't hurt to run it again. It could take up to 10 min. to automatically reboot. Don't intervene.
Pascal Posted July 15, 2015 Author Report Posted July 15, 2015 I ran the modder.vbs file again and got a series of Open File - Security Warning windows with the option to select Run or Cancel. I got prompted twice for each executable. The prompts were for these executable files: - vcredist_2010-x86.exe - vcredist_2010-x64.exe - vcredist_2012-x86.exe - vcredist_2012-x64.exe It rebooted within two minutes. I ran http://winids and got the same HTTP 500 error Anything else I can try?
Morpheus Posted July 15, 2015 Report Posted July 15, 2015 I'm out of suggestions? Might try looking for the error through Google and see if something there helps.
Anacostia Posted March 16, 2016 Report Posted March 16, 2016 This error is caused by the way DISM works on "non-professional" versions. DISM is deprecated in new Windows server systems. You need to enable user authentication for Apache server and Base to have this work. That said, if you have a system that is already compromised (as I do) leaving this feature disabled prevents the hacker from changing your database. I have had several attempts at unauthorized db access in just a few minutes on line, visible in the barnyard window. I am also running windump just so I can watch current activity, since by2 records the data but is NOT designed to update its display in real time. My hackers, or snort, prevent apps like wireshark from doing a full capture.
Morpheus Posted March 16, 2016 Report Posted March 16, 2016 Winsnort.com only supports specific versions of Windows which are posted in each tutorial. If a non-supported version are used then there may be quirks. There is no way for Winsnort.com to verify this, but this error 500 could be related to other issues. DISM is available in Windows 10, as it is with Server 2016. Once the install is completed it is recommended to close any holes and setup whatever it takes to secure the Windows Intrusion Detection System (WinIDS). If you want to write up short tip in securing the Apache Webserver, and Barnyard2 I think it could be of use to some users. If you do and it's something a novice could do during the install. I could add it to the tutorials. I'm really trying to stay away from some of this advanced stuff because it does cause additional work, and problems.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now