Snort mailing list archives
Re: xss detection ruleset
From: Tony Robinson <deusexmachina667 () gmail com>
Date: Sat, 10 Nov 2012 00:40:05 -0500
Not sure how much money you're looking to spend on this problem/solution, however, Whitehat Security is fairly well-known for snort integration and taking webapp vulnerabilities and magically spitting out highly focused snort rules....somehow. Regards, DA On Thu, Nov 8, 2012 at 11:52 PM, Danny Dev <dannydev256 () yahoo com> wrote:
thanks for the reply.somehow i don't think that snort is what you are looking for or reallywanting to use...snort's purpose is a lot more involved and deeper than just watchingfor XSS problems...one would be much better off to test for and fix their XSSproblems than just trying todetect and block XSS attempts...While again, I appreciate the reply, I'm not going to bother going into how snort is going to fit into our organization, what we're going to use initially, later and how, that is neither here nor there. I just would like to know if anyone has made a ruleset as I mentioned, something that can detect common xss attack vectors such as illustrated by the xss cheat sheet. I'm still sifting through the Bleeding snort rules to see what all is there. If it's not available we'll develop it and can donate it back to the community in case anyone else wants it. cheersHi, I'm mostly interested in using snort for xss detection as part of thesecurityfor a php web app. I was hoping to find some rules that could detectmost thingsillustrated by the well known xss cheat cheat. https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet I understand this by no means protects a site 100% from xss :) butsomething thatwill detect many of the most common http xss attacks will work for this layer of my security. Anyway the rules distributed by snort seem pretty slim as far asdetecting xss,can anyone recommend a third party ruleset that has fairly extensive xss detection? thank you!------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_d2d_nov _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
-- when does reality end? when does fantasy begin?
------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_d2d_nov
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- xss detection ruleset Danny Dev (Nov 08)
- Re: xss detection ruleset waldo kitty (Nov 08)
- <Possible follow-ups>
- Re: xss detection ruleset Danny Dev (Nov 08)
- Re: xss detection ruleset waldo kitty (Nov 09)
- Re: xss detection ruleset Tony Robinson (Nov 09)