[prev in list] [next in list] [prev in thread] [next in thread]
List: mod-security-users
Subject: [mod-security-users] Re: Re: Log-parser
From: "Evert" <evert () digipix ! org>
Date: 2005-05-23 21:15:29
Message-ID: d6th2c$v5k$1 () sea ! gmane ! org
[Download RAW message or body]
> The problem with this approach is
> what will your script do if the client submits non-standard client
> headers? Will this be reported?
nope. but i hadn't seen any other tokens then the tokens i search for
in my parser script, so i didn't know that others where available.
what i can do is make an extra field in the dbase with 'other tokens'
then the tokens i search for... or redesign the parser to include only
the tokens that are available for a specific 'attack'. hmm. let me think
about this.
maybe you can help me a bit by sending some entries of your audit_log
with those extra headers.
kind regards,
Evert
-------------------------------------------------------
This SF.Net email is sponsored by Oracle Space Sweepstakes
Want to be the first software developer in space?
Enter now for the Oracle Space Sweepstakes!
http://ads.osdn.com/?ad_id=7412&alloc_id=16344&op=click
_______________________________________________
mod-security-users mailing list
mod-security-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic