Aha,
very good we got the real expert here and I definitely do not want to
compete with
you guys in Atlanta, however let me just outline a few things o this one
and then
we will see..
PS I did not only pass all the ICU courses but I am an authorized ATC
trainer myself,
still learning :-)
Lindley, Jim (ISSAtlanta) wrote:
>
> DO NOT DO WHAT MR JAEGER SUGGESTS!!!
>
> 1. If you re-install the Console and you don't have a previously archived
> private/public Console authentication key to restore during Console
> installation, then you will have to export the NEW Console authentication
> keys to the detectors with which you want the Console to communicate.
exactly that was my comment no.1 - so totally agree!
1. distribute the new console public key to your engine
>
> 2. There is NO need to delete the database log files
> (NETWORK_ENGINE.raw/.par/.tag), as they are completely unaffected by
> changing authentication keys.
maybe, maybe not. I have made different experiences and also the ISS
support
does have different views on this one. Anyway it doesnt hurt and when
restarting
the engine this gives you a clean start.
>
> 3. You don't need to delete any policy files, ESPECIALLY daemon.policy.
> While deleting current.policy will cause a re-application of the last pushed
> policy, just pushing the policy from the Console will re-create
> current.policy and re-initialize the detector. IF YOU DELETE daemon.policy,
> then stopping and starting the RealSecure Daemon (service) WITHOUT a
> daemon.policy will cause the daemon to restart without a MASTER Console and,
> in fact, the daemon MAY not restart at all.
this is confusing because its only partially true. Yes, the engine WILL
restart
WITHOUT a master console which is exactly what you need because the
console has
been changed. If the old console has not given up its master status,
than this
is the ONLY way to get the new console working besides reinstall. This
is what
Beck asked for and I havent seen your solution approach - have I
overlooked something?
BR
Karl
>
> James R Lindley
> Senior Security Instructor
> Internet Security Systems
> 678-443-6323
> An unquenchable thirst for Pierian waters.
> PS: I always recommend an ISS Education Course.
>
> -----Original Message-----
> From: Karl Jaeger [mailto:[EMAIL PROTECTED]]
> Sent: Friday, June 09, 2000 12:26 PM
> To: Beck Bryant
> Cc: [EMAIL PROTECTED]
> Subject: Re: Problem reporting to Real Secure console
>
> Hi,
>
> there is a workaround to reinstalling the engine/agent:
>
> 1. distribute the new console public key to your engine
> 2. delete the three netengine/hostagent files (par,raw,tag)
> 3. delete the current and the daemon policy
> 4. restart the engine and reconnect
>
> BR
> Karl Jaeger
> BDG
>
> Beck Bryant wrote:
> >
> > TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message
> to
> > [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any
> problems!
> >
> ----------------------------------------------------------------------------
> >
> > My Real Secure console was just moved physically and the IP address was
> changed from one static address to another. Because of this, my RS agents
> and engines are now not reporting to the console.
> >
> > Real Secure Tech Support has advised that I need to do a re-install on
> each machine to re-establish the correct IP address.
> >
> > This sounds excessive to me. Has anyone else had this problem? Thanks for
> any help you can offer.
> >
> > Beck
begin: vcard
fn: Karl-Heinz Jaeger
n: Jaeger;Karl-Heinz
org: BDG
adr;dom: http://www.bdg.de;;;;;;
email;internet: [EMAIL PROTECTED]
tel;work: 49 6126 94433 21
tel;fax: 49 6126 94433 31
x-mozilla-cpt: ;0
x-mozilla-html: FALSE
version: 2.1
end: vcard
