httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From zeno <z...@cgisecurity.net>
Subject [users@httpd] mod_security: New apache module/http firewall
Date Tue, 10 Dec 2002 14:41:38 GMT
Hello,

I'm forwarding this email from another list. I haven't tried it yet but looks promising.

- zeno@cgisecurity.com


From: Ivan Ristic <ivanr@webkreator.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.2) Gecko/20021126
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: webappsec@securityfocus.com


Hi,

I have written this Apache 1.x module that will most likely
be of interest to you. In essence it is an intrusion detection
and prevention software for Apache. It filters incoming requests
based on various criteria and either denies access or simply logs
violations.

The homepage of the module is:
http://www.webkreator.com/mod_security/

For those who know Apache well, have a look at configuration
directive examples here:
http://www.webkreator.com/download/mod_security/example-httpd.conf

The module is stable and works quite nice in all my tests. I
need input from people in order to gather requirements for
future versions. Regression tests are scheduled for the next
release, and so is a full list of attacks against which the
module is effective.

As an additional bonus, the module can also perform full
audit logging so it can very useful for compromise forensics.

Somewhere at the back of my mind I have plans for Java and
IIS versions of the same thing (I have to get to learn more
about the CodeSeeker project first, to make sure there is
no duplicated effort).

--
Ivan Ristic, http://www.webkreator.com



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message