WebApp Sec mailing list archives
Apache module: mod_security
From: Ivan Ristic <ivanr () webkreator com>
Date: Tue, 10 Dec 2002 13:37:33 +0000
Hi, I have written this Apache 1.x module that will most likely be of interest to you. In essence it is an intrusion detection and prevention software for Apache. It filters incoming requests based on various criteria and either denies access or simply logs violations. The homepage of the module is: http://www.webkreator.com/mod_security/ For those who know Apache well, have a look at configuration directive examples here: http://www.webkreator.com/download/mod_security/example-httpd.conf The module is stable and works quite nice in all my tests. I need input from people in order to gather requirements for future versions. Regression tests are scheduled for the next release, and so is a full list of attacks against which the module is effective. As an additional bonus, the module can also perform full audit logging so it can very useful for compromise forensics. Somewhere at the back of my mind I have plans for Java and IIS versions of the same thing (I have to get to learn more about the CodeSeeker project first, to make sure there is no duplicated effort). -- Ivan Ristic, http://www.webkreator.com
Current thread:
- Apache module: mod_security Ivan Ristic (Dec 10)
- Re: Apache module: mod_security Dave Aitel (Dec 10)
- Re: Apache module: mod_security Bill Burge (Dec 10)
- Re: Apache module: mod_security Ivan Ristic (Dec 10)
- Re: Apache module: mod_security Ivan Ristic (Dec 10)
- Re: Apache module: mod_security Bill Burge (Dec 10)
- Re: Apache module: mod_security Klaus Doerrscheidt (Dec 10)
- Re: Apache module: mod_security Gabe Lawrence (Dec 10)
- <Possible follow-ups>
- Re: Apache module: mod_security zeno (Dec 10)
- Re: Apache module: mod_security Dave Aitel (Dec 10)