[mod-security-users] A bunch of doubts (new user)
Brought to you by:
victorhora,
zimmerletw
From: Danett s. <dan...@ya...> - 2007-01-02 05:25:42
|
Hi there, First of all happy new year to all you! I found by accident mod_security project and loved it idea, so I intend to use it in my job, I have a small farm of webserver and I intend to use a web firewall server in fron of my farm running apache + mod_security + mod_proxy. However I have a few questions, if some more experience user can help me would be nice. 1 - I seen a version 2 announced. Is it stable enought to run in production systems? Based in my need do you think is better use version 1.X or 2.x ? Why? 2 - Is there any document showing performance statistics with mod_security and without? And with mod_security + mod_proxy? Speaking in performance is better mod_security 1.X and Apache 1.x or mod_security 2.x and apache 2.x ? 3 - The default rules from mod_security grab the most attacks of sql injection, xss, xpth attack, file inclusion, evasion attacks, etc (in a generic fashion, for example able to detect 0day attacks and not only the ones in scripts already published in the security community to be flawed)? 4 - Based in questions (3), is there a list o attacks it can't detect or methods that can be used to detect it? The same default rules costume to generate false positives (or the default rules are extensive tested and RARELY generate a false positive)? how? In what common cases? Is there any statistic? 5 - Based in documentation I found in the internet I seen it log all events in syslog, correct? Is possible to log all this events into a MySQL database? If yes, how? Any tutorial link? 6 - Any tutorial link that can help me to configure my firewall in a approriate way with apache + mod_security + mod_proxy? 7 - Is there any documentation or tricks to enhance performance of this environment? At the moment, it's all. Obs.: I'm starting to read the documentation avaible at mod_security website, hope it help me. Thank you a lot. Cheers __________________________________________________ Fale com seus amigos de graça com o novo Yahoo! Messenger http://br.messenger.yahoo.com/ |