2013년 7월 30일 화요일

Microsoft Network Monitor Filter Example

protocol.HTTP.Request.Command == "POST"
HTTP.Request.URI.Contains("wareway.net")
HTTP.Response.StatusCode.contains("200")
HTTPSummary.contains("400")
HTTPStatus.Reason.contains("OK")
HTTPSummaryType.contains("jpeg")


2013년 7월 19일 금요일

SQL, Get Remote Client IP Address

SELECT *  FROM sys.sysprocesses
spid, dbid, hostname, net_address(Mac), loginname

SELECT  * FROM sys.dm_exec_connections
session_id(spid), client_net_address(IP)

SELECT    
      sys.sysprocesses.hostname,
      sys.sysprocesses.net_address,
      sys.sysprocesses.spid,
      sys.sysprocesses.loginame,
      sys.dm_exec_connections.client_net_address,
      sys.dm_exec_connections.client_tcp_port
FROM         sys.sysprocesses INNER JOIN                      
      sys.dm_exec_connections ON sys.sysprocesses.spid = sys.dm_exec_connections.session_id
WHERE     (sys.sysprocesses.spid = 93)

 

Result.
HOSTNAME   E76A9F1FADEG 93  wareway    xxx.xxx.xxx.xxx  2405

 

 


2019년 10월 MS 취약점 패치 주요 사항

CVE-2019-1166 | Windows NTLM 변조 취약성 https://portal.msrc.microsoft.com/ko-KR/security-guidance/advisory/CVE-2019-1166 CVE-2019-1230 | Hype...