First off, one problem per message.
Code 1 means that URLsecurity found a % in the request. ntop isn't prepared
to deal with (read that as protect the system) from unicode, so we simply
reject unicode URLs.
You should have an immediately prior line in the log:
URL security(1): ERROR: Found percent in URL...DANGER...rejecting
request
Once you send a bad one, the address goes into a ring buffer on a 5 minute
timeout where we simply drop subsequent requests... rather than waste
cycles ignoring an attack...
Answer: Live with it...
-----Burton
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf
Of Kevin Maguire
Sent: Monday, July 01, 2002 6:19 PM
To: [EMAIL PROTECTED]
Subject: [Ntop-dev] problem compiling under solaris 2.6
Hi
I checked out latest via CVS as described on main page.
<snip />
Lastly, I get the following in syslog:
Jun 28 22:23:01 server3 ntop[18967]: ERROR: URL security: '' rejected
(code=1)(client=x.y.z.t)
Jun 28 22:25:01 server3 ntop[18967]: Rejected request from address x.y.z.t
(it previously sent ntop a bad request)
which is a bit of a pain (I was using Konqueror to look at the stats).
How can I turn this feature off ?
Cheers,
Kevin
_______________________________________________
Ntop-dev mailing list
[EMAIL PROTECTED]
http://lists.ntop.org/mailman/listinfo/ntop-dev
