Re: [mod-security-users] nice article about using regex for detection rules
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] nice article about using regex for detection rules
|
From: Ivan R. <iv...@we...> - 2004-05-04 09:56:11
|
M.E. Post wrote: > Don't know if mod_security supports these kinds of filter rules but there's > a nice article on securityfocus on how to finetune your snort detection > rules for xss and sql injection attacks: > > http://www.securityfocus.com/infocus/1768 There has been some controversy about it recently, with Imperva releasing a paper releasing a paper mentioning the article too many times (in negative context). http://www.imperva.com/application_defense_center/white_papers/sql_injection_signatures_evasion.html So they exchanged a couple of emails on Bugtraq: http://www.securityfocus.com/archive/1/361486/2004-04-24/2004-04-30/0 http://www.securityfocus.com/archive/1/361490/2004-04-24/2004-04-30/0 -- ModSecurity (http://www.modsecurity.org) [ Open source IDS for Web applications ] |
