Thread: [mod-security-users] The value of CRS in WebGoat protection
From: Rolling S. <jz...@ho...> - 2013-01-11 04:28:24
I tried to ask Stephen, who contributed ModSecurity securing the WebGoat project, but haven't received any response. Can anybody shed some light on my question below? In the ModSecurity securing WebGoat statement it says: "…create custom ModSecurity rulesets that, in addition to the Core Set,…" I assume 'Core Set' is referring to the Core Rule Set (CRS). I am evaluating the efficiency of CRS and plan to ship it as the standard rule set, on by default. Thus it's interesting to know: without having custom rules and Lua to tackle individual WebGoat lessons, how much value does CRS provide in securing the WebGoat project and its vulnerability coverage? For example, does the use of CRS affect or improve the percentage of the lesson coverage (i.e. 90%)?

Thanks,
Rolling Stone
From: TGWM <tg...@gm...> - 2014-01-24 00:04:48
I have modsecurity2 installed on the server which blocks dangerous HTTP requests, and also use fail2ban to block brute force. I have additional security scripts that run under PHP. I would like these scripts to be able to put an IP on the block list too, either in mod_security or in IP tables. Are there scripts around which can handle these bans? For example, PHP could call a URL on the same server to ban an IP.

Thank you for help.
From: Ryan B. <RBa...@tr...> - 2014-01-24 02:12:04
You could have PHP execute the following blacklist script to blacklist the IP in local IPTables - http://apache-tools.cvs.sourceforge.net/viewvc/apache-tools/apache-tools/blacklist

Ryan Barnett
Lead Security Researcher, SpiderLabs
Trustwave | SMART SECURITY ON DEMAND
www.trustwave.com
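An added example of the kind of local ban helper the question describes (it is not the script Ryan links, nor ModSecurity project code): a PHP security script can exec it with a single IP argument, and the file it maintains is read by a ModSecurity rule through the @ipMatchFromFile operator. The list path, rule id and PHP call are assumptions; the address check refuses loopback and private ranges so a buggy or abused caller cannot lock the server's own admins out.

```shell
#!/bin/sh
# Added example, not the linked blacklist script. Assumed invocation from PHP:
#   exec('/usr/local/sbin/blocklist-add.sh ' . escapeshellarg($ip));
# Assumed list path (override with the BLOCKLIST environment variable):
BLOCKLIST="${BLOCKLIST:-/etc/modsecurity/ip-blocklist.txt}"

# Return 0 only for a well-formed, routable IPv4 address. Anything else
# (shell metacharacters, hostnames, loopback, RFC 1918 space) is rejected.
valid_public_ipv4() {
    ip=$1
    case "$ip" in
        *[!0-9.]*|"") return 1 ;;        # digits and dots only, non-empty
    esac
    oldifs=$IFS; IFS=.; set -- $ip; IFS=$oldifs
    [ $# -eq 4 ] || return 1              # exactly four octets
    for o in "$@"; do
        [ -n "$o" ] && [ "$o" -le 255 ] 2>/dev/null || return 1
    done
    case "$ip" in                         # never self-ban the local network
        0.*|127.*|10.*|192.168.*) return 1 ;;
        172.1[6-9].*|172.2[0-9].*|172.3[01].*) return 1 ;;
    esac
    return 0
}

# Append the IP once (idempotent) and replace the file atomically, so the
# web server never loads a half-written list.
add_to_blocklist() {
    ip=$1
    valid_public_ipv4 "$ip" || { echo "rejected: $ip" >&2; return 1; }
    touch "$BLOCKLIST"
    grep -qxF "$ip" "$BLOCKLIST" && return 0
    tmp=$(mktemp "$BLOCKLIST.XXXXXX") || return 1
    { cat "$BLOCKLIST"; echo "$ip"; } > "$tmp" || { rm -f "$tmp"; return 1; }
    chmod 0644 "$tmp"                     # readable by the web server user
    mv "$tmp" "$BLOCKLIST"
}

# ModSecurity side (rule id is an arbitrary example value), in phase 1 so the
# request is denied before any lesson code runs:
# SecRule REMOTE_ADDR "@ipMatchFromFile /etc/modsecurity/ip-blocklist.txt" \
#     "id:900100,phase:1,deny,status:403,log,msg:'IP on local block list'"

if [ $# -eq 1 ]; then
    add_to_blocklist "$1"
fi
```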
From: saarshah <saa...@gm...> - 2014-01-23 13:55:13
I also have the same problem, i.e. I also want to protect WebGoat without Lua. Can anyone help me?
From: Ryan B. <RBa...@tr...> - 2014-01-23 14:05:56
Are you using the Java version of ModSecurity? http://www.modsecurity.org/projects/modsecurity/java/index.html

Ryan Barnett
Lead Security Researcher, SpiderLabs
Trustwave | SMART SECURITY ON DEMAND
www.trustwave.com