Re: [Snort-users] Why content and not uricontent?
This is a discussion on Re: [Snort-users] Why content and not uricontent? within the Snort forums, part of the System Security and Security Related category; --raC6veAxrt5nqIoY Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi, * Matt Kettler <...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
04-21-2005
|
|||
|
|||
Re: [Snort-users] Why content and not uricontent?
--raC6veAxrt5nqIoY Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi, * Matt Kettler <mkettler@evi-inc.com>: > Thus, while using uricontent closes the hole of encoded requests, it > opens the hole of someone using the POST command for the exploit. >=20 > On the other hand, content fails to handle encodings, but it does match > both POST and GET requests. thank you for your detailed explanation. Now I did understand. cu, Holger --=20 Holger Mense --raC6veAxrt5nqIoY Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (GNU/Linux) iD8DBQFCZ+rmACZJo+RoQrMRAoLXAJ48OICtymh0LCya/xk2vxuU23mJJwCfRrL2 KHCzJgd75EfVHU8DGEEr58k= =4tu3 -----END PGP SIGNATURE----- --raC6veAxrt5nqIoY-- ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________ Snort-users mailing list Snort-users@lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/...fo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.p...st=snort-users 
|
Linear Mode
