[Bro-Dev] [JIRA] (BIT-1411) SQL_Injection_Victim is a misleading name
Vern Paxson (JIRA)
jira at bro-tracker.atlassian.net
Mon Jun 1 14:11:00 PDT 2015
Vern Paxson created BIT-1411:
--------------------------------
Summary: SQL_Injection_Victim is a misleading name
Key: BIT-1411
URL: https://bro-tracker.atlassian.net/browse/BIT-1411
Project: Bro Issue Tracker
Issue Type: Problem
Components: Bro
Reporter: Vern Paxson
I suggest changing the name of this notice to {{SQL_Injection_Target}}. Having "victim" in the name implies to me that the attack succeeded, which is not what the associated logic is about.
Indeed, I even wonder if this notice is useful. The information should be directly available from {{SQL_Injection_Attacker}} notices (though it doesn't appear to be currently set up to provide this - why not?).
--
This message was sent by Atlassian JIRA
(v6.5-OD-05-041#65001)
More information about the bro-dev
mailing list