Hi, Have a look at this page :
http://gege.org/iptables/doc/faq.html Hope this helps... Yvan ----- Original Message ----- From: "Skip Morrow" <[EMAIL PROTECTED]> To: "Security-Basics" <[EMAIL PROTECTED]> Sent: Sunday, February 23, 2003 12:26 PM Subject: iptables log analysis tools ACID is great for analyzing snort logs. Are there any good software packages with that kind of power and flexibility for iptables logs? I think one place to start would be to find a way to have iptables log to a mysql database (like snort does). -- Skip Morrow, [EMAIL PROTECTED] on 02/23/2003 >From [EMAIL PROTECTED] Mon Feb 24 14:10:16 2003 X-Apparently-To: [EMAIL PROTECTED] via 216.136.130.96; 24 Feb 2003 11:08:55 -0800 (PST) Return-Path: <[EMAIL PROTECTED]> Received: from 205.206.231.26 (EHLO outgoing.securityfocus.com) (205.206.231.26) Received: from lists.securityfocus.com (lists.securityfocus.com [205.206.231.19]) Mailing-List: contact [EMAIL PROTECTED]; run by ezmlm Precedence: bulk List-Id: <bugtraq.list-id.securityfocus.com> List-Post: <mailto:[EMAIL PROTECTED]> List-Help: <mailto:[EMAIL PROTECTED]> List-Unsubscribe: <mailto:[EMAIL PROTECTED]> List-Subscribe: <mailto:[EMAIL PROTECTED]> Delivered-To: mailing list [EMAIL PROTECTED] Delivered-To: moderator for [EMAIL PROTECTED] Received: (qmail 20005 invoked from network); 23 Feb 2003 17:39:53 -0000 Date: 23 Feb 2003 17:42:43 -0000 Message-ID: <[EMAIL PROTECTED]> From: [EMAIL PROTECTED] Subject: Re[2]: PHPNuke SQL Injection / General SQL Injection To: Content-Length: 727 MightyE, In response to your mail of Saturday 22 February 2003 at 21:20:29: M> Actually, user supplied input from $_COOKIES, $_POST, and $_GET M> comes slash-escaped, so if the user enters M> ' or 1= M> as their input, the sql statement will look like M> where some_int=' or 1= M> [..snip..] M> function escape($input){ M> if (get_magic_quotes_gpc()) return $input; M> return addslashes($input); M> } M> [..snip..] Better still, always do this: ...WHERE id =. intval($userinput) ." AND... which doesn't rely on local configuration, magicquotes etc., and resolves to (e.g.) "id =" when the $userinput is bad or missing. Safe, simple, portable and effective. -- Best regards, James.
