[prev in list] [next in list] [prev in thread] [next in thread]
List: security-basics
Subject: Re: iptables log analysis tools
From: Yvan Laverdiere <laverdiy () videotron ! ca>
Date: 2003-02-24 19:22:33
[Download RAW message or body]
Hi,
Have a look at this page :
http://gege.org/iptables/doc/faq.html
Hope this helps...
Yvan
----- Original Message -----
From: "Skip Morrow" <skip@pelorus.org>
To: "Security-Basics" <security-basics@securityfocus.com>
Sent: Sunday, February 23, 2003 12:26 PM
Subject: iptables log analysis tools
ACID is great for analyzing snort logs. Are there any good software
packages with that kind of power and flexibility for iptables logs?
I think one place to start would be to find a way to have iptables
log to a mysql database (like snort does).
--
Skip Morrow, skip@pelorus.org on 02/23/2003
From alias@securityfocus.com Mon Feb 24 14:10:16 2003
X-Apparently-To: yladude@yahoo.com via 216.136.130.96; 24 Feb 2003
11:08:55 -0800 (PST)
Return-Path: <bugtraq-return-8426-yladude=hoo.com@securityfocus.com>
Received: from 205.206.231.26 (EHLO outgoing.securityfocus.com)
(205.206.231.26)
Received: from lists.securityfocus.com (lists.securityfocus.com
[205.206.231.19])
Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm
Precedence: bulk
List-Id: <bugtraq.list-id.securityfocus.com>
List-Post: <mailto:bugtraq@securityfocus.com>
List-Help: <mailto:bugtraq-help@securityfocus.com>
List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
List-Subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
Delivered-To: mailing list bugtraq@securityfocus.com
Delivered-To: moderator for bugtraq@securityfocus.com
Received: (qmail 20005 invoked from network); 23 Feb 2003 17:39:53 -0000
Date: 23 Feb 2003 17:42:43 -0000
Message-ID: <20030223174243.21642.qmail@mail.securityfocus.com>
From: alias@securityfocus.com
Subject: Re[2]: PHPNuke SQL Injection / General SQL Injection
To:
Content-Length: 727
MightyE,
In response to your mail of Saturday 22 February 2003 at 21:20:29:
M> Actually, user supplied input from $_COOKIES, $_POST, and $_GET
M> comes slash-escaped, so if the user enters
M> ' or 1=
M> as their input, the sql statement will look like
M> where some_int=' or 1=
M> [..snip..]
M> function escape($input){
M> if (get_magic_quotes_gpc()) return $input;
M> return addslashes($input);
M> }
M> [..snip..]
Better still, always do this:
...WHERE id =. intval($userinput) ." AND...
which doesn't rely on local configuration, magicquotes etc., and
resolves to (e.g.) "id =" when the $userinput is bad or missing.
Safe, simple, portable and effective.
--
Best regards,
James.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic