re: unable to access Kibana from a remote computer

[Tung Nguyen]

Hi,

Sorry but I am a bit lost right now. I've just installed Security Onion using the 14.04.5.9 ISO image. The installation went well but I am unable to access https://securityonnion-ip/app/kibana

I've run so-allow to add my desktop IP as well. Doesn't fix the issue. netstat output shows listening on 443 but on tcp6? and not tcp4? is that my problem?

Any suggestion would be greatly appreciated!

Thanks

TN

[Jay Hawk]

Hi Tung,
What output do you get when you run:

sudo ufw status

Thanks,
Jay

[Tung Nguyen]

Jay,

This is what I got. I need to enable 443?

Status: active

To Action From
-- ------ ----
22/tcp ALLOW Anywhere
22,4505,4506,7736/tcp ALLOW 10.143.144.210
22/tcp (v6) ALLOW Anywhere (v6)

[Tung Nguyen]

On Thursday, March 22, 2018 at 11:27:21 PM UTC-6, Jay Hawk wrote:

Jay,

Thanks for the question. Ran "sudo ufw allow 443" took care of my issue! Again thank you so much.

[Jay Hawk]

Well... that allowed 443 to anything that can touch it... this certainly isn't best practice if you're running this in production.

Ideally you would want to lock the firewall rule to a specific IP, which could have been done with ufw or so-allow. 

--
Follow Security Onion on Twitter!
https://twitter.com/securityonion
---
You received this message because you are subscribed to a topic in the Google Groups "security-onion" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/security-onion/KMs4GntCi2Q/unsubscribe.
To unsubscribe from this group and all its topics, send an email to security-onio...@googlegroups.com.
To post to this group, send email to securit...@googlegroups.com.
Visit this group at https://groups.google.com/group/security-onion.
For more options, visit https://groups.google.com/d/optout.

[Tung Nguyen]

Jay,

Agreed. It is restricted to the management network only.