Round 1: The problem
Have you ever used flask’s built in webserver and thought “this is probably good enough to use for my little thing”? I’ve discovered that it isn’t good for production, and it took a few missteps to find out why.
How many times have we been working hard on an issue, searching forums, blogposts, stack overflow, etc, and come across a proposed solution that says “just paste this into your terminal”? In the heat of the moment it is easy to forget that this situation deserves caution. The problem is that it is easy to sneak extra commands into those cut/copy/pastes thusly:
Have you ever been on the road or mobile, and you don’t have a snort/suricata test environment set up? AutoIDS is a new(ish) research tool running many versions of Suricata and Snort in a web app. You can use it to:
subscribe via RSS