[Dshield] Manipulating DShield for fun and profit

Pete Cap peteoutside at yahoo.com
Tue Mar 2 19:59:02 GMT 2004

Greetings, list,
Just wanted to point something out...
I have been in the practice of manipulating the variables passed to the scripts at ISC (for instance, to get 90 days' worth of traffic rather than 40 or 70, or 180 days, etc.).
I recently realized you can also manipulate the Port Reports page as well to give you (if you are so inclined) statistics for ALL ports rather than just the top-whatever.
Johannes, I want you to know that I'm not trying to bring down your box, but I have got a couple of questions.
First off, the information derived really is valuable to my analysis--can I continue to do this without fear of screwing anything up and/or getting in trouble?
Second, what kind of software have you got running to do this?
It is exactly the kind of display that I need, and it's exactly what they tell me I can't get from the IDS solution we're using (if ONLY it were Snort...). So I'm really interested in why I can get a website to give me summary stats for "all the ports" when the commercial IDS my company bought apparently can't do the same thing without crashing :)

Peter Stendahl-Juvonen <peter.stendahl-juvonen at welho.com> wrote:

Vulnerability in all previous versions of WinZip - WinZip 9.0 Fixes a
Security Issue with MIME-Encoded Files


"WinZip 9.0, released in February 2004, contains a fix for a
recently-discovered security vulnerability affecting earlier versions of
WinZip. The vulnerability does not affect .ZIP files. Instead, it
affects the MIME-encoded files that WinZip is also able to work with."

- Pete

"Mistakes are a fact of life
It is the response to error that counts."
Nikki Giovanni (b. 1943); US poetess.

