IEV Issue

emily · ‎12-09-2002

Hi All:

I just upgrade IDS4210 image from Version 3.0(1)S4 to 3.1(2)S23 , everything seem ok , except IDS can't listen on 443 port , as bellow is my check list

1:cat /usr/nr/sp-update/output.log

ids-postpatch: IDSk9-sp-3.1-1-S22.bin has been successfully installed.

Warning! Your system will begin shutdown in 30 seconds!!!

Press <Ctrl-C> to quit if you do not wish to reboot!

..............................

Shutting down now!

2:# ps -eaf |grep cidwebserver

root 658 1 0 00:03:21 ? 0:08 /usr/nr/idsRoot/bin/cidwebserver -d

# ps -eaf |grep cidServer

# kill -9 658

# ps -eaf |grep cidwebserver

# ./cidServer start

Settings match current configuration...no need to update.

Checking for certificates...certificates found.

Starting cidwebserver... done

# ./cidServer stop

Stopping cidwebserver... 707 terminated.

# ./cidServer start

Settings match current configuration...no need to update.

Checking for certificates...certificates found.

Starting cidwebserver... Error: cidwebserver (707) is already running.

# cidServer version

cidwebserver v37 (Release) 02/05/17-15:40

cidwebserver (707) is running.

I don't know above message are normal , any one can tell me!

gfullage · ‎12-10-2002

Not exactly sure what you're asking here, or what the problem is. The output of 1. is certainly vaild, seeing as you installed a service pack the sensor needs to reboot.

The output of 2. seems OK, why exactly are you trying to manually stop/start the web server? Everything I see there seems OK.

Do you mean you still can't https:// to the sensor? Are you sure https:// (TCP port 443) is open to the sensor (not being blocked anywhere)? Do you get prompted to accept the security certificate, or do you not get that far? If you login as root and do "netstat -an |grep 443" do you see the sensor listening on that port? If so then it should be working OK. Try doing a snoop on the command/control interface and then try https'ing in, do you see those packets come in?