Menu
▾
▴
RE: [Owasp-input-api-developers] Code
|
From: vertigo <ve...@pa...> - 2002-04-16 18:52:49
|
Everyone,
All I want is an intelligent reporting mechanism. The IDMEF provides this.
From a design perspective, implementing this seperately makes sense. It
isolates reporting from filtering. Many moons ago I first saw the following
code and was amazed:
Systrace.setMinimumLevel("message");
Systrace.out("message", "Connecting to DB");
db.login("username", "password");
conn = db.connection();
if(conn == null) {
Systrace.out("error", "Connection Failed")
}
I was a pretty green programmer, and had all sorts of nasty debugging routines.
They were all replaced by this simple tool written by a co-worker. Having a
nice reporting tool is invaluable, especially when dealing with larger
applications. Moreoever, I believe that it will provide a modicum of validity
to the application. It says to the development community that we are serious
about standards--specifically with the emerging ones in this field.
The reason I would like to see this implemented separately is due to its the
overhead. The reporting mechanism should be optional, and used in cases where
people may not only want to scrub the input, but want to know what sort of
problems are being discovered.
Nathan
-----Original Message-----
From: owa...@li...
[mailto:owa...@li...]On Behalf
Of Christopher Todd
Sent: Tuesday, April 16, 2002 12:07 PM
To: owa...@so...
Subject: RE: [Owasp-input-api-developers] Code
Nathan,
By the way, I didn't mean to sound critical, I'm just a bit confused and
would like some clarification. After re-reading my post, I realized it had
a critical tone that was not intended. Sorry about that.
Regards,
Chris
-----Original Message-----
From: owa...@li...
[mailto:owa...@li...]On Behalf
Of Christopher Todd
Sent: Tuesday, April 16, 2002 11:27 AM
To: owa...@so...
Subject: RE: [Owasp-input-api-developers] Code
Nathan,
Ummm, I'm a bit lost...are you implementing simple APIs for scrubbing user
input, or creating some kind of IDS for webapps? Is there some design
documentation that I've missed? I've grabbed what's in CVS, and I've read
the website, and it's still not clear to me what you mean when you say "I
need some implementations by the 30th." Implementations of what?
Regards,
Chris
-----Original Message-----
From: owa...@li...
[mailto:owa...@li...]On Behalf Of
vertigo
Sent: Tuesday, April 16, 2002 10:59 AM
To: owa...@so...
Subject: [Owasp-input-api-developers] Code
Ok,
I've been working on an implementation of the IDWG's IDMEF
(filters/doc/draft-ietf-idwg-idmef-xml-06.txt). It's been fairly easy-going
in Java, and I imagine it should be even more simple in Perl. This is
important for messaging, although it adds a bit of overhead. I need to see
some implentations by the 30th. The major road-blocks I've encountered are
in the application-unique identifier area, and with NTP Timestamps. I'm
avoiding the latter issue, and I think we can do without proper timestamps
for now. The first issue, however is a little more important, and more
pervasive. We need to decide on a scheme for uniquely identifying attacks.
This will also be used in other areas of the application (signature IDs,
filter IDs, and basically any entity that may need to be uniquely
identified). It's pretty important.
I think we all know enough about this app to start writing some code. Start
with the IDMEF. This will lay the messaging groundwork, and allow us to
address nomenclature, vocabulary, blah blah blah. Once this is done, we can
move on to proper filtering. Todd is working on a DTD for our filter and
signature classes. Contact him for any updates. FYI, I'll be pretty busy
in the next couple of weeks. I have some new projects in the works (one
HUGE 4D to SQL Server migration and a couple of mini Perl CGIs). These ones
are paying my bills, so they get first priority of course. I believe
everyone has access to the CVS repository, but if not contact me. For those
who may not be familiar with CVS, remember it is not a replacement for
communication. For the next 2 weeks I'll be working in
'filters/lang/java/src/org/owasp/idmef' and 'filters/docs'.
Nathan
_______________________________________________
Owasp-input-api-developers mailing list
Owa...@li...
https://lists.sourceforge.net/lists/listinfo/owasp-input-api-developers
_______________________________________________
Owasp-input-api-developers mailing list
Owa...@li...
https://lists.sourceforge.net/lists/listinfo/owasp-input-api-developers
|
