[Dshield] New Relay Exploit?
Johannes B. Ullrich
jullrich at sans.org
Thu Jan 8 03:49:10 GMT 2004
> Another log feed possibility here?
yes. We are kicking around a feed for Apache logs for a while now.
Haven't gotten around to set it up right yet. It needs a bit more
thought as to how to bin the data by various web based exploits.
There is also more of a privacy issue as unlike with the firewall
logs we get now, this data will have 'payload'. For example, if
you send in your complete error log, there may be information
about who the bad spellers are in your company ;-). Or username/
password if they are passed via GET...
CTO SANS Internet Storm Center http://isc.sans.org
phone: (617) 837 2807 jullrich at sans.org
contact details: http://johannes.homepc.org/contact.htm
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://www.dshield.org/pipermail/list/attachments/20040107/b322586e/attachment.bin
More information about the list