Skip to main content

Xavier Santolaria's Library tagged modsecurity   View Popular, Search in Google

21 Apr 11

"You may be familiar with the Emerging Threats project. They have a few Snort rules files related to known web application vulnerabilities and attacks:

* emerging-web_server.rules
* emerging-web_specific_apps.rules"

06 Apr 11

"This is a follow-up post to ModSecurity Advanced Topic of the Week: Malware Link Detection in which we will highlight a new capability within ModSecurity v2.6 that allows for removal of data within response bodies."

23 Feb 11

One of the most under-appreciated capabilities of web application firewalls (WAFs) is traffic monitoring and analysis.  Due to the fact that WAFs have access to the full inbound request and outbound response payloads, they are able to glean valuable insight into vulnerabilities and configuration issues such as missing HttpOnly or Secure cookie flags, etc...

12 Jan 11

This week's installment of Detecting Malice with ModSecurity will discuss how to detect and prevent Cross-Site Request Forgery (CSRF) Attacks.

05 Jan 11

"The just released CRS v2.1.0 includes Credit Card Tracking rules. These will both track legitimate credit card usage and also prevent full credit card number leakages. Much of the following data was taken from a previous blog post by Ofer Shezaf however many sections have been updated with current ModSecurity and CRS information."

1 - 5 of 5
20 items/page

Highlighter, Sticky notes, Tagging, Groups and Network: integrated suite dramatically boosting research productivity. Learn more »

Join Diigo