TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
[EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems!
----------------------------------------------------------------------------
There are a multitude of situations that would require you to either re-gain
master console status or flat out take control of it. Below is a quick set
of directions I wrote for our IT staff after our master consoles had a
meltdown. If you have just lost master console status and the detector
already has the public keys for the Console you want to be its master, just
skip the first part and continue on:
- On the Detector, stop the RealSecure Daemon service.
- On the Detector, run the install program, RS321NETENG.EXE, and only select
Import Public Keys.
- It will ask you to provide the path to your Console key directory.
Navigate to where ever you have the Consoles public keys stored (file
server, floppy, etc). Navigate to the Keys sub-directory, and click OK
(i.e., A:\Program Files\Iss\RealSecure 3.2\Keys).
- On the Detector, go to C:\Program Files\Iss\RealSecure 3.2\ , edit the
daemon.policy file, on the last line delete the master console entry so that
it looks like this: master console =S ;
Save the file and disconnect the mapped network drive while your in Windows
explorer.
- On the detector, restart the RealSecure Daemon service.
- On the new master Console start monitoring the Detector, bring up the
properties for the Detector and make sure that Make Master Console is
checked and that you can apply changes to the Detector.
Jeff
-----Original Message-----
From: Michael Wilson [mailto:[EMAIL PROTECTED]]
Sent: Thursday, August 24, 2000 22:25
To: Norton.Stephen
Cc: [EMAIL PROTECTED]
Subject: RE: Changing Master Console Monitor
TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
[EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any
problems!
----------------------------------------------------------------------------
Stephen,
That's what I thought, and what the documentation says. However,
when we tried this, it didn't work. Very confusing; the network sensor
insisted that it was still under the control of a non-existent machine.
-Mike Wilson
-Sr. Security Specialist
-UNIFIED Technologies
-Troy, NY
On Thu, 24 Aug 2000, Norton.Stephen wrote:
> Stopping and restarting the network engines will also relinquish Master
> Console status. The console is authenticated to the sensor through a
secure
> channel. Anything that breaks that authenticated connection will
relinquish
> the MC status.
>
>
> Stephen P. Norton
> Franchise Tax Board
> [EMAIL PROTECTED]
>
>
> -----Original Message-----
> From: Michael Wilson [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, August 24, 2000 12:26 PM
> To: [EMAIL PROTECTED]
> Subject: RE: Changing Master Console Monitor
>
>
>
> TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message
to
> [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any
> problems!
>
----------------------------------------------------------------------------
>
>
> More interesting to me is the question of how you fix things if,
> for example, you have a master console assigned, but then that machine
> goes away for whatever reason, without backups. If you can't go and
> relinquish properly, then what? I imagine that this is the situation
> under discussion - otherwise he probably would have already tried to
> release it.
> I've got a situation like this at a customer site. In this case,
> it's immaterial, since we're doing a complete reinstall of the probes
> for other reasons anyway, but I'm curious to know how to make a probe
> release it's master without having the master available to make the
> request.
>
> -Mike Wilson
> -Sr. Security Specialist
> -UNIFIED Technologies
> -Troy, NY
>
> On Thu, 24 Aug 2000, Norton.Stephen wrote:
>
> >
> > TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message
> to
> > [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any
> problems!
> >
>
----------------------------------------------------------------------------
> >
> > The message indicates another console ('hostname') has obtained Master
> > Controller status. This is granted by the sensors on a first-come,
> > first-served basis. If you want your console to be the designated
Master
> > Controller, you will need to go to the 'hostname' console and relinquish
> the
> > Master Controller status, then go back to your console and re-add the
> > network engine. If you are only monitoring the engine, and not making
any
> > configuration changes, you shouldn't need Master Controller status.
> >
> >
> > Stephen P. Norton
> > Franchise Tax Board
> > [EMAIL PROTECTED]
>
