I have another question. I have looked through the user guide. It tells
you all the stuff you can do, but no basics on how to interpret the data
that is captured. Where can I find a step-by-step tutorial on how to
interpret everything I see in each pane? Some are easy, like IP address
etc., but some are more difficult. I read an article about IDS signatures
and it talked about the SYN and FIN flags. I have no idea where to look
for these.

Thanks,
Douglas R. Pilot
Computer Instructor,
Shaftsbury Elementary School
dpilot@xxxxxxxx