Internet Storm Center Infocon Status The Internet Traffic Report monitors the flow of data around the world. It then displays a value between zero and 100. Higher values indicate faster and more reliable connections.

Jun 7, 2007

Remote log injection

I love a good, clever hack. In the past, I've espoused the virtues of OSSEC, and I use it in more interesting and creative ways on almost a daily basis. Recently, OSSEC author Daniel Cid posted a great paper on remote log injection entitled "Attacking Log Analysis Tools." I just finished reading the paper and found it very interesting and a little disturbing. I've tinkered with one of the vulnerable tools he mentions, DenyHosts, and thought it was actually a fairly handy tool. After reading Daniel's paper, though, I'll have no choice but to make sure that it isn't running on any of my systems until after a patch is released.

Nice paper, Daniel.

AddThis Social Bookmark Button

Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)