1 / 15

> I can sit on the view list info page and hack all day long. There is no

> I can sit on the view list info page and hack all day long. There is no. > logging, no security policy. You need to turn on logging on your Web server. You can also probably. restrict access with certain directives. > Hmmmmm...... sounds like someone works for microsoft 8^).

mick
Download Presentation

> I can sit on the view list info page and hack all day long. There is no

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. > I can sit on the view list info page and hack all day long. There is no

  2. > logging, no security policy.

  3. You need to turn on logging on your Web server. You can also probably

  4. restrict access with certain directives.

  5. > Hmmmmm...... sounds like someone works for microsoft 8^)

  6. It's possible to have the CGI keep a running total of failed attempts, but

  7. the question is how to tell whether or not they're from the same source.

  8. Do you send a cookie to identify them? Use their IP address? These are

  9. all easily spoofable "solutions", and probably one of the greater flaws

  10. with Web-based authentication -- you can just brute force it.

  11. I suppose the most extensible solution is to send failure notices to syslog

  12. and count on the admin to notice these with Logcheck, swatch, or whatever.

  13. An automated process can then do whatever (drop routes for the paranoid, etc.)

  14. Anyone else have any comments (Wietse ? :)

  15. Chris

More Related