Re: [mod-security-users] behviour models
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] behviour models
|
From: Ivan R. <iva...@gm...> - 2006-05-26 19:12:28
|
On 5/26/06, kiran k <kir...@ya...> wrote: > > Ivan: > > I am afraid, dont understand design document, very little detail. It's not a design document - it's a blog post. > first > approach says developer to publish the constraints, if known they would > check them in the application itself and no need for WAF right ? Yes, wouldn't that be great? > Again in the email thread below you will look int the audit logs. no need= to > go through the audit logs for each request, only once after training, you > build rules out of historic data. How to correlate rules out of these log= s > is challenge. More info on the design please. I don't have any info to share - I haven't built that part yet. --=20 Ivan Ristic, Technical Director Thinking Stone, http://www.thinkingstone.com ModSecurity: Open source Web Application Firewall |
