mod_security rule database

[Ivan Ristic <ivanr () webkreator com>]

I have this idea about creating a mod_security
rule database, similar to what the Snort folks
have. My very rough notes are available here:

http://www.modsecurity.org/download/modsec-ruledb.txt

I am well aware of the VulnXML and OASIS WAS efforts
but I feel the focus of the mod_security rule
database would be different. I want to create something
really easy to use, a tool that would help people
protect themselves (automatic updates perhaps).

For example, accessing an URL such as:
http://www.modsecurity.org/rules/download/phpgroup/php/4.3/

would produce rules to patch PHP 4.3 vulnerabilities.

Would someone care to contribute an opinion on this
subject?

--
ModSecurity (http://www.modsecurity.org)
[ Open source IDS for Web applications ]