[ic] Running a system command in a perl tag?

Mike Heins mike at perusion.com
Mon Jan 21 00:55:33 UTC 2013


Quoting IC (ic at tvcables.co.uk):
> > This is a really bad idea, even if you could get it to work you'd be
> > blowing away loads of security in Interchange to accomplish it, we're
> > not just talking about poking a small hole in security to accomplish
> > what you want, we're talking about blowing away massive amounts of it.
> > 
> > Tell us what you're trying to accomplish and maybe we can come up with a
> > better solution that doesn't require compromising your entire box at a
> > root level to do it.
> > 
> > 
> > Peter
> 
> Hi Peter,
> 
> The issue I have is persistent sql injection type attacks causing load on
> the server, I can easily detect these within IC and wanted a way to
> temporarily auto ban the IP using csf, at the moment I have do it manually.
> 
> The attacks appear as IC searches, they don't achieve anything except
> slowing the server down, as I can easily detect them within IC it seemed
> like a good idea to use a script within IC.
> 
> Any suggestions on other ways to tackle it would be welcome.

I have usually done something with a once-a-minute cron job or a daemon
in those types of cases.

-- 
Mike Heins
Perusion -- Expert Interchange Consulting    http://www.perusion.com/
phone +1.765.253.4194  <mike at perusion.com>

Experience is what allows you to recognize a mistake the second
time you make it. -- unknown



More information about the interchange-users mailing list