IDS mailing list archives

Remote File include (RFI) vulnerabilities

From: "Ravi Chunduru" <ravi.is.chunduru () gmail com>
Date: Wed, 16 Jul 2008 12:05:54 -0700

Hi,

I am using IntruPro-IPS to protect both servers and clients.  It seems
to be flagging RFI related anomalies for traffic going from  internal
clients to servers  in Internet.  I thought these attacks need to be
detected only if the internal servers are being attacked. That is, I
think that RFI detection is  needed for server protection.

is it necessary to check the internal client traffic, that is, is this
needed for client side protection.  Any reasons?

thanks
Ravi

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw 
to learn more.
------------------------------------------------------------------------

Current thread:

Remote File include (RFI) vulnerabilities Ravi Chunduru (Jul 16)
- Re: Remote File include (RFI) vulnerabilities Jamie Riden (Jul 17)
- <Possible follow-ups>
- Re: Re: Remote File include (RFI) vulnerabilities aditya . mukadam (Jul 21)