Re: Perl script issues - running ModSecurityConsole on a Windows box.
2007-06-22 17:28:00 GMT
We will do our best, but please understand that the support that is given to open source Mod users is “best effort”. This is no different then any other open source project. Yes, we do work for breach and this means that we are wearing multiple hats and also working on the commercial task items as well. We are normally very responsive to questions, issues, etc… but it can take a bit more time to setup different configurations and test them out. If you feel that the open source support is not adequate for your needs and timelines, you may want to consider purchasing commercial ModSecurity support.
Ryan C. Barnett
ModSecurity Community Manager
Breach Security: Director of Application
Web Application Security Consortium (WASC) Member
CIS Apache Benchmark Project Lead
SANS Instructor, GCIA, GCFA, GCIH, GSNA, GCUX, GSEC
Author: Preventing Web Attacks with Apache
From: Frank Misa
[mailto:frankmisa <at> hotmail.com]
Sent: Friday, June 22, 2007 1:18 PM
To: Ryan Barnett; Brian Rectanus; mod-security-users <at> lists.sourceforge.net
Subject: RE: [mod-security-users] Perl script issues - running ModSecurityConsole on a Windows box.
Hi Ryan, Brian:
OK - I can run from command-line now -- but now I'm back at square one -- Apache on Windows will not start if I configure my system as you suggest here: http://www.modsecurity.org/blog/archives/2007/03/modsecurity_con_1.html
You two guys are the only ones who have shown an interest in my question. I'm grateful...
You both work for Breach -- can you PLEASE configure an Windows/Apache box..... and confirm that you too are not seeing the same error ?
If it works for you then I'll drop this issue -- and pursue another avenue to parse/analyze the logs files I've generated.
1) I can now run the perl script from command line like this:
type C:\apache\logs\modSecurity\auditlog\modsec_audit.log | c:\Perl\bin\perl.exe modsec-auditlog-collector.pl C:\apache\logs\modSecurity\audit C:\apache\logs\modSecurity\auditlog\modsec_audit.log
NOTE: Even though the system initially complains about: "Failed processing RPC request: Failed to rename file from"
Files ARE actually accumulating in the modSecurityConsole ...\var\data\main\console\logs\pending directory -- great.
The UI looks - now - like it's getting some data - please see screenshot:
2) When I configure my Apache/Windows system like this:
>> Include "C:/apache/conf/modsecurity/*.conf"
>>SecAuditLog "|C:/Perl/bin/perl.exe C:/apache/bin/modsec-auditlog-collector.pl C:/apache/logs/modSecurity/audit C:/apache/logs/modSecurity/auditlog/audit.log"
I cannot start Apache -- no error on console running:
But the event viewer displays:
>>Faulting application Apache.exe, version 126.96.36.199, faulting module libapr.dll, version 0.9.12.0, fault address 0x0000d6f0.
Explore the seven wonders of the world Learn more!
------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/
_______________________________________________ mod-security-users mailing list mod-security-users <at> lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/mod-security-users