Security Basics mailing list archives
Re: iptables log analysis tools
From: Yvan Laverdiere <laverdiy () videotron ca>
Date: Mon, 24 Feb 2003 14:22:33 -0500
Hi, Have a look at this page : http://gege.org/iptables/doc/faq.html Hope this helps... Yvan ----- Original Message ----- From: "Skip Morrow" <skip () pelorus org> To: "Security-Basics" <security-basics () securityfocus com> Sent: Sunday, February 23, 2003 12:26 PM Subject: iptables log analysis tools ACID is great for analyzing snort logs. Are there any good software packages with that kind of power and flexibility for iptables logs? I think one place to start would be to find a way to have iptables log to a mysql database (like snort does). -- Skip Morrow, skip () pelorus org on 02/23/2003
From alias () securityfocus com Mon Feb 24 14:10:16 2003
X-Apparently-To: yladude () yahoo com via 216.136.130.96; 24 Feb 2003 11:08:55 -0800 (PST) Return-Path: <bugtraq-return-8426-yladude=hoo.com () securityfocus com> Received: from 205.206.231.26 (EHLO outgoing.securityfocus.com) (205.206.231.26) Received: from lists.securityfocus.com (lists.securityfocus.com [205.206.231.19]) Mailing-List: contact bugtraq-help () securityfocus com; run by ezmlm Precedence: bulk List-Id: <bugtraq.list-id.securityfocus.com> List-Post: <mailto:bugtraq () securityfocus com> List-Help: <mailto:bugtraq-help () securityfocus com> List-Unsubscribe: <mailto:bugtraq-unsubscribe () securityfocus com> List-Subscribe: <mailto:bugtraq-subscribe () securityfocus com> Delivered-To: mailing list bugtraq () securityfocus com Delivered-To: moderator for bugtraq () securityfocus com Received: (qmail 20005 invoked from network); 23 Feb 2003 17:39:53 -0000 Date: 23 Feb 2003 17:42:43 -0000 Message-ID: <20030223174243.21642.qmail () mail securityfocus com> From: alias () securityfocus com Subject: Re[2]: PHPNuke SQL Injection / General SQL Injection To: Content-Length: 727 MightyE, In response to your mail of Saturday 22 February 2003 at 21:20:29: M> Actually, user supplied input from $_COOKIES, $_POST, and $_GET M> comes slash-escaped, so if the user enters M> ' or 1= M> as their input, the sql statement will look like M> where some_int=' or 1= M> [..snip..] M> function escape($input){ M> if (get_magic_quotes_gpc()) return $input; M> return addslashes($input); M> } M> [..snip..] Better still, always do this: ...WHERE id =. intval($userinput) ." AND... which doesn't rely on local configuration, magicquotes etc., and resolves to (e.g.) "id =" when the $userinput is bad or missing. Safe, simple, portable and effective. -- Best regards, James.
Current thread:
- Permissions scanner Di Fresco Marco (Feb 22)
- iptables log analysis tools Skip Morrow (Feb 24)
- Re: iptables log analysis tools Yvan Laverdiere (Feb 24)
- Re: iptables log analysis tools Chris Travers (Feb 24)
- <Possible follow-ups>
- Re: Permissions scanner Chris Berry (Feb 24)
- RE: Permissions scanner Di Fresco Marco (Feb 25)
- Re: Permissions scanner Harvey Cary (Feb 26)
- RE: Permissions scanner Di Fresco Marco (Feb 25)
- iptables log analysis tools Skip Morrow (Feb 24)