WebApp Sec mailing list archives

Re: [tool] Guardian () JUMPERZ NET : Detecting session hijack

From: Ivan Ristic <ivanr () webkreator com>
Date: Sat, 05 Feb 2005 10:44:44 +0000

Ivan Ristic wrote:


I decided we needed a single rule definition format, something
that would be supported by commercial and open source applications
equally. This is how the portable web application firewall format
came to life:


  I just realized this is not entirely true. Although I did
  design the portable web application format, the idea did not
  originate with me. It was Mark Curphey who approached me
  in late 2003 (IIRC) to invite me to participate in the
  OASIS Web Application Security Technical Committee. The goal
  was to create portable formats for vulnerability definition,
  automated detection, and automated protection. So I just did
  what was in the charter of the committee already.

--
Ivan Ristic (http://www.modsecurity.org)

Current thread:

[tool] Guardian () JUMPERZ NET : Detecting session hijack Kanatoko (Feb 02)
- <Possible follow-ups>
- RE: [tool] Guardian () JUMPERZ NET : Detecting session hijack Ofer Shezaf (Feb 04)
  - Re: [tool] Guardian () JUMPERZ NET : Detecting session hijack Kanatoko (Feb 04)
  - Re: [tool] Guardian () JUMPERZ NET : Detecting session hijack Ivan Ristic (Feb 04)
    - Re: [tool] Guardian () JUMPERZ NET : Detecting session hijack Ivan Ristic (Feb 06)