One more survey question for v2. The default behavior of autopsy is
currently to have the random cookie in the URL, which is there to
prevent unauthorized viewing from the host that has been specified
(localhost by default). You can skip the cookie with '-C' or by
editing the 'conf.pl' file (which I usually do). I'm assuming that
most people use autopsy on a single user system with localhost and
therefore the cookie is not needed and it becomes annoying.
Therefore, I propose to, by default, not use a cookie if the "remote"
host is 'localhost' or 127.0.0.1. All other hosts will use a cookie
and there will be a '-c' flag to force a cookie for multiuser localhost
environments. The '-C' flag will still exist to force no cookies for
the remote host scenario. I'm also looking into adding an SSL Perl
module so that a remote connection can be easily encrypted.
Any problems with this plan?
brian
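
The default proposed in the message above, sketched as an added Python example (not part of the original post and not Autopsy's own code, which is Perl). The function names, the 128-bit cookie size, the URL layout with the cookie as the first path segment, and the rejection of '-c' combined with '-C' are all assumptions made for illustration.

```python
import hmac
import secrets

# The two loopback names the proposal lists explicitly.
LOOPBACK_HOSTS = {"localhost", "127.0.0.1"}


def cookie_required(remote_host, force_cookie=False, force_no_cookie=False):
    """Proposed default: force_cookie models '-c', force_no_cookie models '-C'."""
    if force_cookie and force_no_cookie:
        # Assumption: the message does not say how conflicting flags resolve.
        raise ValueError("-c and -C are mutually exclusive")
    if force_cookie:       # multiuser localhost: other local users can reach the port
        return True
    if force_no_cookie:    # operator explicitly opts out, even for a remote host
        return False
    return remote_host.strip().lower() not in LOOPBACK_HOSTS


def new_cookie():
    """Unpredictable per-session cookie (assumed size: 128 bits, hex encoded)."""
    return secrets.token_hex(16)


def request_allowed(url_path, cookie):
    """Check the first URL path segment against the session cookie.

    cookie is None when cookies are disabled for this session.
    """
    if cookie is None:
        return True
    presented = url_path.lstrip("/").split("/", 1)[0]
    # Constant-time comparison so response timing does not leak cookie bytes.
    return hmac.compare_digest(presented.encode(), cookie.encode())


if __name__ == "__main__":
    for host in ("localhost", "127.0.0.1", "10.0.0.5"):  # constructed sample hosts
        print(host, "-> cookie required:", cookie_required(host))
    cookie = new_cookie()
    print("with cookie:", request_allowed("/" + cookie + "/autopsy", cookie))
    print("without cookie:", request_allowed("/autopsy", cookie))
```

With the cookie off, the only remaining check is the host restriction, so on a shared machine every local account that can connect to the port sees the case data; that is the situation the '-c' flag covers.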