Snort mailing list archives

Re: Fixes for autosnort users as well as all Debian 6 and CentOS 6.3 snort report users

From: Tony Robinson <deusexmachina667 () gmail com>
Date: Sun, 2 Dec 2012 12:23:21 -0500

No worries, Waldo sorry if I came off as defensive or terse in my responses.

So what this boils down to is, if I were to do a search for all "<?"
strings, and either via sed or other means, modified all instances of "<?"
to "<?php" would that resolve the need to change the short_open_tags option
in php.ini?

On Sat, Dec 1, 2012 at 7:07 PM, waldo kitty <wkitty42 () windstream net> wrote:

On 12/1/2012 12:12, Tony Robinson wrote:

my replies below yours:


inline? great! that's the way it /should/ be ;) ;)

On Sat, Dec 1, 2012 at 11:38 AM, waldo kitty wkitty42 () windstream net
wrote:
    why not just fix the short open tags to proper long tags?

1. Sorry, I did NOT write snort report. I'm just posting what I had to

do to

make it work. I had to do a bit of research on the web to figure this

out, and

apparently I wasn't the first one <

http://seclists.org/snort/2012/q3/1101> to

run into this problem.


no need to apologize... i wasn't aware of exactly what the problem was but
i'm
aware of this particular problem over the entire industry... i really wish
that
the php folks had not introduced this so called feature... it promotes
what i
call "lazy coder" syndrome ;)

i'm sure there are hundreds of thousands of similar reports of "problems"
related to the use of this "feature"... it does also cause problems with
xml
unless one knows about it and codes specifically to handle it...

    and here again... why not make the change in the code so it is never

a problem

    any more instead of requiring everyone else to change their

configurations?



See reply to answer 1 above. the script I provide installs snort

report.. I did

not write snort report nor have any affiliation with symmetrix, the

creators of

that front end. I do not know PHP well enough to do what you suggest,

nor am I a

memeber of the snort report team.  I'm posting a solution to a problem

others

have had. outside of scripting in BASH in terms of programming I'm a

lame duck

and will own up to it. A lot of the researching and testing I did was my

first

dive into PHP.


understood... my apologies if it seemed like i was bashing you or otherwise
being ugly or offensive... it was an honest question :)

FWIW: short tags in php are mainly related to using the lead-in "<?"
instead of
"<?php"... so they (the "lazy coders") are only saving 3 characters for
each php
code start... nothing else is changed...

     > chcon -R -t httpd_sys_rw_content_t snortreport-1.3.3/

    that command doesn't look right... or is chcon a new command like

chown and

    chmod??

chcon man page entry http://linux.die.net/man/1/chcon

tl; dr: chcon is to change SELinux permissions on a file/directory

recursively.

We're changing permissions on the snortreport-1.3.3 directory to allow

the

apache process the ability to read/write to files in this directory;

We're

telling SELinux that this is expected behavior and to not interfere.


ahh... it is something i am not familiar with and it is specific to
SELinux...
not a problem there... when i saw it i thought it might have been a typo
so had
to ask ;)

when does reality end? when does fantasy begin?


that's a hard pair of questions... some might ask "what is reality?" -=B-)



------------------------------------------------------------------------------
Keep yourself connected to Go Parallel:
DESIGN Expert tips on starting your parallel project right.
http://goparallel.sourceforge.net/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest
Snort news!




-- 
when does reality end? when does fantasy begin?

------------------------------------------------------------------------------
Keep yourself connected to Go Parallel: 
DESIGN Expert tips on starting your parallel project right.
http://goparallel.sourceforge.net/

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

Current thread:

Fixes for autosnort users as well as all Debian 6 and CentOS 6.3 snort report users Tony Robinson (Dec 01)
- Re: Fixes for autosnort users as well as all Debian 6 and CentOS 6.3 snort report users waldo kitty (Dec 01)
  - Re: Fixes for autosnort users as well as all Debian 6 and CentOS 6.3 snort report users Tony Robinson (Dec 01)
    - Re: Fixes for autosnort users as well as all Debian 6 and CentOS 6.3 snort report users waldo kitty (Dec 01)
    - Re: Fixes for autosnort users as well as all Debian 6 and CentOS 6.3 snort report users Tony Robinson (Dec 02)
    - Re: Fixes for autosnort users as well as all Debian 6 and CentOS 6.3 snort report users waldo kitty (Dec 02)