Nmap Development mailing list archives

Re: http-waf-detect - Script to detect WAF/IDS/IPS solutions

From: Paulino Calderon <paulino () calderonpale com>
Date: Thu, 16 Jun 2011 11:55:34 -0700


On 06/15/2011 11:59 PM, Richard Sammet wrote:

Hey Paulino,

thanks for sharing this. Just one thing you should change in the
description: IDS Systems or IPS Systems which are only in detection
mode are not going to be identified by the script. The script can only
identify solutions which are actively altering the traffic.

Just to point this out before ppl start complaining about it ;)


Regards,
Richard

Thanks for the feedback, I'll add this note before commiting.

So far it has been tested and works correctly against:
* Imperva Web Firewall
* Barracuda Web Firewall
* dotDefender
* Apache Modsecurity
* PHPIDS

Cheers.

--
Paulino Calderón Pale
Web: http://calderonpale.com
Twitter: http://www.twitter.com/paulinocaIderon

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Current thread:

http-waf-detect - Script to detect WAF/IDS/IPS solutions Paulino Calderon (Jun 15)
- Re: http-waf-detect - Script to detect WAF/IDS/IPS solutions Paulino Calderon (Jun 15)
  - Re: http-waf-detect - Script to detect WAF/IDS/IPS solutions Paulino Calderon (Jun 15)
  - Re: http-waf-detect - Script to detect WAF/IDS/IPS solutions Patrik Karlsson (Jun 15)
- Re: http-waf-detect - Script to detect WAF/IDS/IPS solutions Richard Sammet (Jun 15)
  - Re: http-waf-detect - Script to detect WAF/IDS/IPS solutions Paulino Calderon (Jun 16)
- Re: http-waf-detect - Script to detect WAF/IDS/IPS solutions David Fifield (Jun 21)
  - Re: http-waf-detect - Script to detect WAF/IDS/IPS solutions Paulino Calderon (Jun 21)