Home

Products
   IDS Server
   IDS JDBC Driver
   What's New

Download
   IDS Server Trial
   ODBC Drivers
   Other Tools

Pricing

Ordering

Support
   FAQ
   Articles
   JDBC Quick Start

Company
   About Us
   Our Customers
   Contact



 

FAQ - Security

S1. My browser cannot access IDS Server installed on the same PC as "localhost".
Most likely you browser is configured to use a proxy server. Change you browser's proxy server setting to exclude 'localhost' and all port numbers or the port which IDS Server is using. In Internet Explorer, use View- Options- Connection- Proxy Server to change settings. In Netscape Navigator use Options- Network Preferences- Proxies- Manual Proxy Configuration. In Netscape Communicator use Edit- Preferences- Advance- Proxies- Manual proxy configuration.
 
S2. Cannot access IDS Server inside a firewall protected environment.
The computer running the IDS Server or the proxy server may be set up to block the port number that the IDS Server is using. You can either reconfigure the proxy server, or similar to topic S1 change the browser's proxy setting to exclude the IP address of the IDS Server.
 
S3. How do I make IDS Server inside a firewall available to the outside world.
You can configure the firewall to allow the IP address and the port number of IDS Server to pass through. Also, you must upgrade to IDS Server version 2.0 or higher. The older version 1.4.x does not work well with firewalls.

In the current release of IDS Server (2.5 or higher), IDS JDBC Driver can connect to an IDS Server via proxy server. This eliminated the need to "open a hole" on the firewall for IDS Server, thus provides a much better way for IDS Server to be integrated into a secure environment.
 
S4. Does IDS JDBC Driver support access through a client-side firewall?
Yes. In the current release of IDS Server (2.5 or higher), IDS JDBC Driver can connect to an IDS Server via proxy server. The proxy server protocol supported by the IDS JDBC Driver includes SSL Tunneling (HTTPS proxy), SOCKS v5.0 and 4.x.  Please refer to two informative articles for an indepth discussion:

    JDBC Connection via HTTPS Proxy
    Firewall Access in Java Applets
 
S5. How do I use idsa.exe to enhance system security?
You can configure the IDS Server to deny all client access except for a designated Web server. Then install the CGI program idsa.exe into the Web server and establish access restrictions on this program. For example, grant access to a certain group of users or to a certain set of IP addresses. By doing so, the only way a client application can connect to the IDS Server is by passing the authentication process enforce by the designated Web server on idsa.exe.

To configure the IDS Server in this way, edit the idss.ini file and enter grant for the Hosts setting in the [General] section. Then in the [Hosts] section enter only the IP address of the designated Web server. Then install the idsa.exe or nph-idsa.exe program onto the Web server and set up the access restriction.

Copyright c 1997-2006 IDS Software. All rights reserved.