Thanks Reindl :).

Kind Regards

El 18/09/2013 19:44, "Reindl Harald" <h.reindl@thelounge.net> escribió:
Am 18.09.2013 19:07, schrieb Jose Pablo Valcárcel Lázaro:
> First of all, sorry to post here, but I believe that mod_security with iptables makes harder for hackers to gain
> resources access.
>
> I was wondering if someone could tell me if he/she has be able to use iptables strings modules with hitcount
> modules. Why? Easy to answer. You could be able to limit access to php forms using string (but for performance Deep
> Packet Inspection is not the best approach) and using hitting count.
>
> You could block more than 5 chances to gain access to example_form.php.
>
> Is it a bad idea? Mod security has brute-force rules?
>
> I know that you can develop new rules to approach this solution or use some other alternatives as captchas or
> honeypots fields.

generally whatever can be done in the earliest possible layer should be done there
security is always a layered thing (network, firewall, application firewall, application)

things like rate-control and limit concurrent connectios from a source-ip
should be done in iptables or if possible even a device before the server

it *can* be done with modsec, but where ever you can catch attacks a layer before do so




------------------------------------------------------------------------------
LIMITED TIME SALE - Full Year of Microsoft Training For Just $49.99!
1,500+ hours of tutorials including VisualStudio 2012, Windows 8, SharePoint
2013, SQL 2012, MVC 4, more. BEST VALUE: New Multi-Library Power Pack includes
Mobile, Cloud, Java, and UX Design. Lowest price ever! Ends 9/20/13.
http://pubads.g.doubleclick.net/gampad/clk?id=58041151&iu=/4140/ostg.clktrk
_______________________________________________
mod-security-users mailing list
mod-security-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users
Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
http://www.modsecurity.org/projects/commercial/rules/
http://www.modsecurity.org/projects/commercial/support/