Re: web application audit ideas needed

[Serg Belokamen <serg.belokamen () gmail com>]

I don't think being statless or not is a determining factor in
qualifying as a software firewall application.

mod_security can be configured (for example with mod_rewrite) to deny
particular request strings and redirect them to a specialised logger,
honepot, etc. Hence it qualifies as a firewall. It can also be
configured to alert admin. of dangerous traffic, hence the IPS.

So in reality the product can act as both or either... 

   Serg 


On Tue, 2005-08-09 at 20:50 +0800, Yanglei wrote:
> mod-security is opensouce web application ips, you can learn more from http://www.modsecurity.org/ .
> In modsecurity website, it is said that is web application firewall, but i don't think so. mod-security is a web ips, 
> or you can call that web filter, but not a web application firewall becouse it is not support application-level 
> stateful check. like imperva 's product can be call a web application.
>
>
>
> ----- Original Message ----- 
> From: "learn lids" <learnlids () yahoo com>
> To: <webappsec () securityfocus com>
> Sent: Monday, February 14, 2005 1:51 PM
> Subject: web application audit ideas needed
>
>
> > hi everyone
> >
> > i am a newbie to this filed of webappsec. for a
> > research project, i am looking at source audit of web
> > app. it has activex components etc. 
> >
> > what all sould be covered vis-a-vis security
> > prespective? could someone maybe throw some ideas for
> > apps which I can cover for my practice - maybe a good
> > meduim sized open source app ?
> >
> > thanks
> >
> >
> >
> >
> > __________________________________ 
> > Do you Yahoo!? 
> > Yahoo! Mail - You care about security. So do we. 
> > http://promotions.yahoo.com/new_mail