[Bro-Dev] [JIRA] (BIT-1411) SQL_Injection_Victim is a misleading name

Jon Siwek (JIRA) jira at bro-tracker.atlassian.net
Tue Sep 8 07:09:01 PDT 2015


    [ https://bro-tracker.atlassian.net/browse/BIT-1411?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=22000#comment-22000 ] 

Jon Siwek commented on BIT-1411:
--------------------------------

Didn't look at the particulars of this ticket, but just wanted to note that "&deprecated" should already exist in the 2.4 release in case it's helpful here.

> SQL_Injection_Victim is a misleading name
> -----------------------------------------
>
>                 Key: BIT-1411
>                 URL: https://bro-tracker.atlassian.net/browse/BIT-1411
>             Project: Bro Issue Tracker
>          Issue Type: Problem
>          Components: Bro
>            Reporter: Vern Paxson
>
> I suggest changing the name of this notice to {{SQL_Injection_Target}}.  Having "victim" in the name implies to me that the attack succeeded, which is not what the associated logic is about.
> Indeed, I even wonder if this notice is useful.  The information should be directly available from {{SQL_Injection_Attacker}} notices (though it doesn't appear to be currently set up to provide this - why not?).



--
This message was sent by Atlassian JIRA
(v7.0.0-OD-04-018#70102)


More information about the bro-dev mailing list