MOO-cows Mailing List Archive


RE: Logging and Security Hole.

>Secondly, I'd like a way to log all commands that a grey listed site 
>issues into the server log.. I think all I have to do is modify the 
>$command_utils:do_huh, but I think that this would be a nice addition to 
>the next LambdaCore.  Since Greylisting is suppose to be a warning of 
>problems, have it log all commands from those sites..  Comments Welcome.
I don't think you can do this without in-db parsing.  But,
if it's in-db, it can be loop-holed or hacked.  You'd have
to have the server log the commands in some way, but then
(in my opinion) you violate the theory of "division of
server and db".

You know, these issues are the same for any system
administration, whether Unix, Novell, or NT (in increasing
order of gag reflex).

>In Him, for Him
Is this one of those Christian subliminal messages?
C. Regis Wilson, System Analyst (MIS)
E.C.S. World
6269 Variel Av., Suite D
Woodland Hills, CA 91367
Voice: 818-716-1807   Fax: 818-716-2931
  "The views expressed here are mine personally, and do not
necessarily represent my employer's."


Home | Subject Index | Thread Index