Pascal Posted June 18, 2015 Report Posted June 18, 2015 Hello, I completed the installation of WinSnort on Windows 7 64bit using the tutorial. After the machine rebooted, I started a browser session to http://winids and got this error: The website cannot display the page HTTP 500 Most likely causes: •The website is under maintenance. •The website has a programming error. I was careful to validate each step before moving to the next. I revisited the steps under "Configuring IIS for PHP, and the Windows Intrusion Detection Systems security console" and confirmed them. The PHP test passed successfully. Do you have any suggestion? Thank you. Quote
Morpheus Posted June 19, 2015 Report Posted June 19, 2015 At this point in the tutorial you should be finished. To test php at this point the test.php file needs to be copied to the d:\winids\inetpub\wwwroot\base\ folder. From the URL type: http://winids/test.php What kind of response are you getting? Quote
Pascal Posted June 23, 2015 Author Report Posted June 23, 2015 I get a screen showing phpinfo() and a list of tables with configuration settings (result attached) testphp.pdf Quote
Morpheus Posted June 24, 2015 Report Posted June 24, 2015 I get a screen showing phpinfo() and a list of tables with configuration settings (result attached) testphp.pdf What happens when you type from the URL: http://winids/base_main.php Quote
Pascal Posted June 24, 2015 Author Report Posted June 24, 2015 I received the following: The website cannot display the page HTTP 500 Most likely causes: •The website is under maintenance. •The website has a programming error. What you can try: Refresh the page. Go back to the previous page. Quote
Pascal Posted July 2, 2015 Author Report Posted July 2, 2015 Here is the base_conf.php file. Thank you. base_conf.php Quote
Morpheus Posted July 4, 2015 Report Posted July 4, 2015 I only found one small item. I'm not sure because it appears that PHP is working because the test.php file runes as expected. You might try renaming the base folder, extracting the base program using administrator privileges, extract the signatures to the base folder per the tutorial, and copy the new config to the base folder. base_conf .php Quote
Pascal Posted July 8, 2015 Author Report Posted July 8, 2015 I tried the following steps: - Renamed base folder to base.old - Ran D:\temp>unzip -oqq d:\temp\base-1.4.5.zip -d d:\winids\inetpub\wwwroot\base from d:\temp - Copied base_config.php to new base folder - Ran D:\temp>tartool d:\temp\opensource.tar.gz d:\winids\inetpub\wwwroot\base\signatures - Confirmed default document for default website is base_main.php I'm still getting the same http 500 error. Do you have any suggestions? Best regards, Pascal Quote
Morpheus Posted July 8, 2015 Report Posted July 8, 2015 Zip up everything in the \inetpub\logs\LogFiles folder and attach. Quote
Pascal Posted July 10, 2015 Author Report Posted July 10, 2015 Please find attached the LogFiles... Thank you. Inetpub logs.zip Quote
Morpheus Posted July 10, 2015 Report Posted July 10, 2015 Did you run the modder.vbs file, and allow it to reboot by itself? Quote
Pascal Posted July 13, 2015 Author Report Posted July 13, 2015 As I recall, I did. Should I run it again? Quote
Morpheus Posted July 13, 2015 Report Posted July 13, 2015 It won't hurt to run it again. It could take up to 10 min. to automatically reboot. Don't intervene. Quote
Pascal Posted July 15, 2015 Author Report Posted July 15, 2015 I ran the modder.vbs file again and got a series of Open File - Security Warning windows with the option to select Run or Cancel. I got prompted twice for each executable. The prompts were for these executable files: - vcredist_2010-x86.exe - vcredist_2010-x64.exe - vcredist_2012-x86.exe - vcredist_2012-x64.exe It rebooted within two minutes. I ran http://winids and got the same HTTP 500 error Anything else I can try? Quote
Morpheus Posted July 15, 2015 Report Posted July 15, 2015 I'm out of suggestions? Might try looking for the error through Google and see if something there helps. Quote
Anacostia Posted March 16, 2016 Report Posted March 16, 2016 This error is caused by the way DISM works on "non-professional" versions. DISM is deprecated in new Windows server systems. You need to enable user authentication for Apache server and Base to have this work. That said, if you have a system that is already compromised (as I do) leaving this feature disabled prevents the hacker from changing your database. I have had several attempts at unauthorized db access in just a few minutes on line, visible in the barnyard window. I am also running windump just so I can watch current activity, since by2 records the data but is NOT designed to update its display in real time. My hackers, or snort, prevent apps like wireshark from doing a full capture. Quote
Morpheus Posted March 16, 2016 Report Posted March 16, 2016 Winsnort.com only supports specific versions of Windows which are posted in each tutorial. If a non-supported version are used then there may be quirks. There is no way for Winsnort.com to verify this, but this error 500 could be related to other issues. DISM is available in Windows 10, as it is with Server 2016. Once the install is completed it is recommended to close any holes and setup whatever it takes to secure the Windows Intrusion Detection System (WinIDS). If you want to write up short tip in securing the Apache Webserver, and Barnyard2 I think it could be of use to some users. If you do and it's something a novice could do during the install. I could add it to the tutorials. I'm really trying to stay away from some of this advanced stuff because it does cause additional work, and problems. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.