Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



WebApp Sec: RE: The Santy worm and Application Security

RE: The Santy worm and Application Security

From: Paul Laudanski <zx_at_castlecops.com>
Date: Fri, 31 Dec 2004 18:42:30 -0500 (EST)

There is a good free open source solution that is built into Apache as a
module:

http://modsecurity.org

Here are some filters that can be easily installed to 406 the santy and
phpinclude attacks:

http://castlecops.com/article-5642-nested-0-0.html

>From about 300,000 attacks in a 55 hour period, false positives were
minimal, and all was logged via syslog.

-----Original Message-----
From: Ofer Shezaf [mailto:Ofer.Shezaf_at_breach.com]
Sent: Monday, December 27, 2004 6:41 PM
To: webappsec_at_securityfocus.com
Subject: The Santy worm and Application Security

[SNIP]

While I'm not writing this all as a marketing pitch, some of these ideas
are implemented in my company's products ;-) I'd be happy to hear what
the other pros here have to say about this.

[SNIP] 

-- 
Regards,
Paul Laudanski - Computer Cops, LLC. CEO & Founder
CastleCops(SM) - http://castlecops.com
Promoting education and health in online security and privacy.
Received on Jan 02 2005
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]