|
WebApp Sec
mailing list archives
RE: The Santy worm and Application Security
From: Paul Laudanski <zx () castlecops com>
Date: Fri, 31 Dec 2004 18:42:30 -0500 (EST)
There is a good free open source solution that is built into Apache as a
module:
http://modsecurity.org
Here are some filters that can be easily installed to 406 the santy and
phpinclude attacks:
http://castlecops.com/article-5642-nested-0-0.html
From about 300,000 attacks in a 55 hour period, false positives were
minimal, and all was logged via syslog.
-----Original Message-----
From: Ofer Shezaf [mailto:Ofer.Shezaf_at_breach.com]
Sent: Monday, December 27, 2004 6:41 PM
To: webappsec_at_securityfocus.com
Subject: The Santy worm and Application Security
[SNIP]
While I'm not writing this all as a marketing pitch, some of these ideas
are implemented in my company's products ;-) I'd be happy to hear what
the other pros here have to say about this.
[SNIP]
--
Regards,
Paul Laudanski - Computer Cops, LLC. CEO & Founder
CastleCops(SM) - http://castlecops.com
Promoting education and health in online security and privacy.
 By Date 
By Thread
Current thread:
- RE: The Santy worm and Application Security Paul Laudanski (Jan 01)
| 
Intro
