[150222] in North American Network Operators' Group
Re: DNS Attacks
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Sun Feb 19 09:27:22 2012
To: Jeroen Massar <jeroen@unfix.org>
In-Reply-To: Your message of "Sun, 19 Feb 2012 13:02:01 +0100."
<4F40E4B9.8080504@unfix.org>
From: Valdis.Kletnieks@vt.edu
Date: Sun, 19 Feb 2012 09:23:40 -0500
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Sun, 19 Feb 2012 13:02:01 +0100, Jeroen Massar said:
> Per default most webservers (Apache, nginx, etc) won't log POST
> variables, GET variables will be logged (as they are part of the query)
> but those should not contain any PII.
Right. They shouldn't. But the security mailing lists have lots of
counter-examples from clue-challenged web developers. Plan your logging
strategy accordingly (is there any safe answer here other than "disable
logging" or "log only timestamp and source IP"?)
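One middle ground between full request logging and logging only timestamp and source IP is to keep the path but drop every query string before a line is stored. The following is an added example, not part of the original message or thread; it assumes Apache/nginx combined log format, and the function names and sample lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, urlunsplit

# Combined Log Format: host ident user [time] "request" status bytes "referer" "agent"
LINE_RE = re.compile(
    r'^(?P<head>\S+ \S+ \S+ \[[^\]]+\] )'
    r'"(?P<request>[^"]*)" (?P<status>\d{3}) (?P<size>\S+)'
    r'(?: "(?P<referer>[^"]*)" "(?P<agent>[^"]*)")?$'
)

def strip_query(url):
    """Drop query string and fragment; keep scheme, host and path."""
    if url in ("", "-", "*"):
        return url
    try:
        parts = urlsplit(url)
    except ValueError:          # e.g. malformed IPv6 literal in a Referer
        return "INVALID-URL"
    return urlunsplit((parts.scheme, parts.netloc, parts.path, "", ""))

def scrub_line(line):
    """Remove query strings from the request target and the Referer.

    Fails closed: a line that does not parse (including one with escaped
    quotes inside a field) is replaced by a marker, never passed through.
    """
    m = LINE_RE.match(line.rstrip("\n"))
    if not m:
        return "UNPARSED-LINE-DROPPED"
    req = m.group("request").split(" ")
    if len(req) == 3:           # method, target, protocol
        req[1] = strip_query(req[1])
        request = " ".join(req)
    else:
        request = "MALFORMED-REQUEST"
    out = f'{m.group("head")}"{request}" {m.group("status")} {m.group("size")}'
    if m.group("referer") is not None:
        out += f' "{strip_query(m.group("referer"))}" "{m.group("agent")}"'
    return out

# Constructed sample lines (documentation addresses and domains).
SAMPLE = [
    '192.0.2.10 - - [19/Feb/2012:09:23:40 -0500] "GET /reset?email=alice%40example.test&token=abc123 HTTP/1.1" 200 512 "https://www.example.test/login?user=alice" "Mozilla/5.0"',
    '192.0.2.11 - - [19/Feb/2012:09:23:41 -0500] "POST /login HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for entry in SAMPLE:
        print(scrub_line(entry))
```

Path segments are kept as-is, so an identifier embedded in the path itself would still be logged.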