Firewall Wizards mailing list archives
open source web application firewall
From: "Darden, Patrick S." <darden () armc org>
Date: Fri, 7 Dec 2007 10:50:15 -0500
With all of our talk on application layer firewalls, I thought this would be appropo. Marketing warning: http://www.linuxlookup.com/2007/dec/06/breach_securitys_modsecurity_open_source_web_application_firewall Project Home: http://www.modsecurity.org/ Anybody used or worked on this open source web application firewall? Anybody have any details on it? I'd never heard of it until I saw the marketing blurb at lxer.com (linux portal). I would be interested in hearing of anyone's experiences with it.
From what I have gleaned:
apache 2.x module
rule based http request and response inspection
supports: black list model (looks for known signatures of malicious requests)
white list model (excludes all but known good requests)
extrusion detection (e.g. soc sec #s)
core rule set includes
http protection
common web attacks protection
bots, crawlers, scanners, etc.
trojan detection
error hiding
alerts
xml support
regular expressions
a lot more
Thanks,
--Patrick Darden
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Rule authentication in PIX Alejandro Ezequiel Fernández Preda (Dec 05)
- Re: Rule authentication in PIX Brian Loe (Dec 05)
- Re: Rule authentication in PIX Alejandro Ezequiel Fernández Preda (Dec 06)
- open source web application firewall Darden, Patrick S. (Dec 10)
- Re: Rule authentication in PIX Alejandro Ezequiel Fernández Preda (Dec 06)
- Re: Rule authentication in PIX Brian Loe (Dec 05)