Re: [mod-security-users] Positive Security Model
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] Positive Security Model
|
From: Edy <em...@ed...> - 2006-05-25 15:54:34
|
How is the performance of the Mod Security right now? From the way i look at it right now it is based on rules which essentially is negative security. I believe the chances of false positive is fairly high with this approach and performance could be a hit if we have a long list of rules. Also on the website, it stated that the modsecurity can be configured as stand alone WAF but i did not see any package/document which describe this process. Cheers, -e Alexx Alexx wrote: > My question is addressed to the author of the > mod_security. Some time ago I read in your blog, that > your are intrested in idea of including positive > security model ito your mod_security module. Are you > going to implement this somewhen? OR, perhaps, it's > already implemented? > I'm rather intrested of positive security model and > I'd like to clarify wheter it's possible to include > into your application! > > Thanks in advance, > Alexander > > __________________________________________________ > Do You Yahoo!? > Tired of spam? Yahoo! Mail has the best spam protection around > http://mail.yahoo.com > > > ------------------------------------------------------- > All the advantages of Linux Managed Hosting--Without the Cost and Risk! > Fully trained technicians. The highest number of Red Hat certifications in > the hosting industry. Fanatical Support. Click to learn more > http://sel.as-us.falkag.net/sel?cmd=lnk&kid=107521&bid=248729&dat=121642 > _______________________________________________ > mod-security-users mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-users > > > |
