Home
Products
IDS Server
IDS JDBC Driver
What's New
Download
IDS Server Trial
ODBC Drivers
Other Tools
Pricing
Ordering
Support
FAQ
Articles
JDBC Quick Start
Company
About Us
Our Customers
Contact
|
FAQ - Security
- S1. My browser cannot access IDS Server
installed on the same PC as "localhost".
- Most likely you browser is configured to use a proxy server. Change
you browser's proxy server setting to exclude 'localhost' and all port
numbers or the port which IDS Server is using. In Internet Explorer,
use View- Options- Connection- Proxy Server to change settings. In
Netscape Navigator use Options- Network Preferences- Proxies- Manual
Proxy Configuration. In Netscape Communicator use Edit- Preferences-
Advance- Proxies- Manual proxy configuration.
-
- S2. Cannot access IDS Server inside a firewall
protected environment.
- The computer running the IDS Server or the proxy server may be set
up to block the port number that the IDS Server is using. You can
either reconfigure the proxy server, or similar to topic S1
change the browser's proxy setting to exclude the IP address of the
IDS Server.
-
- S3. How do I make IDS Server inside a firewall
available to the outside world.
- You can configure the firewall to allow the IP address and the port
number of IDS Server to pass through. Also, you must upgrade to IDS
Server version 2.0 or higher. The older version 1.4.x does not work
well with firewalls.
In the current release of IDS Server (2.5 or higher), IDS JDBC Driver can
connect to an IDS Server via proxy server. This eliminated the need to
"open a hole" on the firewall for IDS Server, thus provides
a much better way for IDS Server to be integrated into a secure
environment.
-
- S4. Does IDS JDBC Driver support access through
a client-side firewall?
- Yes. In the current release of IDS Server (2.5 or higher), IDS JDBC Driver
can connect to an IDS Server via proxy server. The proxy server
protocol supported by the IDS JDBC Driver includes SSL Tunneling
(HTTPS proxy),
SOCKS v5.0 and 4.x. Please refer to two informative articles for an indepth
discussion:
JDBC Connection via HTTPS Proxy
Firewall
Access in Java Applets
-
- S5. How do I use idsa.exe to enhance
system security?
- You can configure the IDS Server to deny all client access except
for a designated Web server. Then install the CGI program idsa.exe
into the Web server and establish access restrictions on this program.
For example, grant access to a certain group of users or to a certain
set of IP addresses. By doing so, the only way a client application
can connect to the IDS Server is by passing the authentication process
enforce by the designated Web server on idsa.exe.
To configure the IDS Server in this way, edit the idss.ini
file and enter grant for the Hosts setting in the
[General] section. Then in the [Hosts] section enter only the IP
address of the designated Web server. Then install the idsa.exe or
nph-idsa.exe program onto the Web server and set up the access
restriction.
|