Re: [mod-security-users] What is holding ModSecurity back?
Brought to you by:
victorhora,
zimmerletw
From: Jason H. <Jas...@tr...> - 2009-11-13 02:00:05
|
On 11/13/2009 01:37 PM, Brian Rectanus wrote: > How many of you use it? It really does not work very well and I think > gives a false sense of any security with quite a few problems (like > lacking reload). > Other that the issues regarding restarts, what other problems are there? I'd say it works exactly as expected? chroot is brilliant. I recall many years ago deliberately leaving an unpatched (ie root exploits) Apache server live on the Internet and the logs shows successful buffer overflow attacks against it on a daily basis - and yet it was *never* compromised :-) Exploits can't get far when there's no /bin/sh ;-) -- Cheers Jason Haar Information Security Manager, Trimble Navigation Ltd. Phone: +64 3 9635 377 Fax: +64 3 9635 417 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 |