Re: [Mod-security-developers] Hello All
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [Mod-security-developers] Hello All
|
From: Felipe C. <FC...@tr...> - 2015-03-18 12:38:17
|
Ola Raphael, ModSecurity core is driven by utilized rules. Those rules can be made by yourself or you can use rules provided by the community or Even use a commercial package [1]. ModSecurity core provides a set of functionalities that can be used by the rules in order to assess a given http transaction (request, response, client reputation, etcŠ). For more information about this rules language you can have a look at the ModSecurity Reference Manual [2]. There are several ways to extend ModSecurity, including: - calling external softwares [3] - lua scripts [4] - python scripts [5] - ModSecurity core itself, by creating new operator(s) [6] It will be a pleasure to help! Let me know if you need more information. [1] http://www.modsecurity.org/rules.html [2] https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual [3] https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#exec [4] https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#secrulescri pt [5] https://github.com/SpiderLabs/ModSecurity/tree/experimental_python_support [6] https://github.com/SpiderLabs/ModSecurity/blob/master/apache2/re_operators. c Br, Felipe ³Zimmerle² Costa Security Researcher, SpiderLabs Trustwave | SMART SECURITY ON DEMAND www.trustwave.com <http://www.trustwave.com/> From: Raphael Jubram <rap...@gm...> Reply-To: "mod...@li..." <mod...@li...> Date: Monday, March 16, 2015 at 9:02 PM To: "mod...@li..." <mod...@li...> Subject: [Mod-security-developers] Hello All Hi! My name is Raphael, I'm a Brazilian Computer Science undergraduate student. I have started a research about AI algorithms applied to WAF. I would like to understand some different open source WAF programs and which algorithms they use to analyse HTTP requests. I'll be glad to have a conversation with anyone that could help me! At the end of the research, I can share my results with you guys. Thanks! ________________________________ This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. |
