Re: xss detection ruleset

[Tony Robinson <deusexmachina667 () gmail com>]

Not sure how much money you're looking to spend on this problem/solution,
however, Whitehat Security is fairly well-known for snort integration and
taking webapp vulnerabilities and magically spitting out highly focused
snort rules....somehow.

Regards,

DA

On Thu, Nov 8, 2012 at 11:52 PM, Danny Dev <dannydev256 () yahoo com> wrote:

> thanks for the reply.
>
>
> > somehow i don't think that snort is what you are looking for or really
> wanting
> to use...
>
> > snort's purpose is a lot more involved and deeper than just watching
> for XSS problems...
>
> > one would be much better off to test for and fix their XSS
> problems than just trying to
>
> > detect and block XSS attempts...
>
> While again, I appreciate the reply, I'm not going to bother going into
> how snort is going
>
> to fit into our organization, what we're going to use initially, later and
> how,
>
> that is neither here nor there.
>
>
> I just would like to know if anyone has made a ruleset as I mentioned,
> something that
> can detect common xss attack vectors such as illustrated by the xss cheat
> sheet.
>
>
> I'm still sifting through the Bleeding snort rules to see what all is
> there. If it's not available we'll develop it
> and can donate it back to the community in case anyone else wants it.
>
> cheers
>
>
>
> > Hi,
> >
> > I'm mostly interested in using snort for xss detection as part of the
> security
> > for a php web app.  I was hoping to find some rules that could detect
> most things
> > illustrated by the well known xss cheat cheat.
> >
> >
> > https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet
> >
> >
> > I understand this by no means protects a site 100% from xss :) but
> something that
> > will detect many of the most common http xss attacks will work for this
> > layer of my security.
> >
> >
> > Anyway the rules distributed by snort seem pretty slim as far as
> detecting xss,
> > can anyone recommend a third party ruleset that has fairly extensive
> > xss detection?
> >
> > thank you!
>
>
>
> ------------------------------------------------------------------------------
> Everyone hates slow websites. So do we.
> Make your web apps faster with AppDynamics
> Download AppDynamics Lite for free today:
> http://p.sf.net/sfu/appdyn_d2d_nov
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users
>
> Please visit http://blog.snort.org to stay current on all the latest
> Snort news!



-- 
when does reality end? when does fantasy begin?

------------------------------------------------------------------------------
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_d2d_nov

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!