 |
|
 |
 |
Menu |
 |
|
 Home |
| |
|
 Discussions |
| |
|
 Tools |
| |
|
| Affiliates |
| |
|
 Content |
| |
|
 Info |
| | |
|
|
|
|
|
User Info |
|
 Membership:
 Latest: MichaelSnaRe
 New Today: 0
 New Yesterday: 0
 Overall: 9144
 People Online:
 Visitors: 98
 Members: 0
 Total: 98
|
|
|
|
|
|
Full disclosure |
|
|
|
 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
|
Extra Information on Mod_security Exploit detection..... |
|
 Posted: Tue Apr 12, 2005 11:46 am |
 |
|
| shai-tan |
| Valuable expert |
 |
|
| Joined: Feb 22, 2005 |
| Posts: 477 |
|
|
|
 |
|
 |
|
This is an addition to Mod_Security Exploit detection for Apache thread I posted but can't find....
http://modsecurity.org/ where you download it.
A database of rules and exploit detection configurations are at:
http://modsecrules.monkeydev.org/
And an example config file for YES Linux which I am currently helping develop.
http://www.yeslinux.org/forum/viewtopic.php?p=1076#1076
It involves stuff like:
# XSS Exploit Detection
# Basic protection agains Command execution attacks
# Basic protection against Directory traversal attacks
#NMap detection
#phpBB Exploit Detection
#phpMyAdmin Exploit Detection
#Protect against attacks on critical directories
# Basic protection against SQL attacks
# Only record the interesting stuff
# Server masking is optional (to make your apache look like IIS or others)
# Reject requests with status 403
# Inspect ALL Requests
# Only inspect dynamic requests
# SecFilterEngine DynamicOnly
# Debug logging but you wont normally need this unless you are looking for failed exploit attempts
# Only accept request encodings you know how to handle (except GET requests because some are automated
# Don't accept transfer encodings you know you don't handle
# Require Content-Length to be provided with every POST request
And thats to name a few.
This mod should really be included in apache by default. But then what would we @ Waraxe do? |
|
_________________
Shai-tan
?In short: just say NO TO DRUGS, and maybe you won?t end up like the Hurd people.? -- Linus Torvalds |
|
|
|
|
|
|
|
| Posted: Tue Apr 12, 2005 1:36 pm |
|
|
| LINUX |
| Moderator |
|
|
| Joined: May 24, 2004 |
| Posts: 404 |
| Location: Caiman |
|
|
|
|
|
|
|
|
|
|
| Posted: Tue Apr 12, 2005 6:05 pm |
|
|
| murdock |
| Advanced user |
 |
|
| Joined: Mar 16, 2005 |
| Posts: 54 |
|
|
|
|
|
|
|
| I installed mod_security in my server, seems very good. |
|
|
|
|
| Posted: Wed Apr 13, 2005 3:41 am |
|
|
| shai-tan |
| Valuable expert |
|
|
| Joined: Feb 22, 2005 |
| Posts: 477 |
|
|
|
|
|
|
|
Yes I like it very much. A mate of mine swears by it. He owns a hosting company hosting over 600 sites on 3 servers at a datacenter and he uses cPanel so there are tonnes of phpBB and phpNuke sites he is hosting.  |
|
_________________
Shai-tan
?In short: just say NO TO DRUGS, and maybe you won?t end up like the Hurd people.? -- Linus Torvalds |
|
|
|
| Posted: Wed Apr 13, 2005 1:08 pm |
|
|
| murdock |
| Advanced user |
|
|
| Joined: Mar 16, 2005 |
| Posts: 54 |
|
|
|
|
|
|
|
OMG! 
Imagine 600 PHP-Nuke sites with phpbb in each one! The defacers heaven!!! 
He REALLY NEEDS this mod! |
|
|
|
|
| Posted: Sat Apr 16, 2005 9:28 am |
|
|
| shai-tan |
| Valuable expert |
|
|
| Joined: Feb 22, 2005 |
| Posts: 477 |
|
|
|
|
|
|
|
| Yes everyone should use this mod if they have a web hosting business on Apache |
|
_________________
Shai-tan
?In short: just say NO TO DRUGS, and maybe you won?t end up like the Hurd people.? -- Linus Torvalds |
|
|
|
www.waraxe.us Forum Index -> Tools
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|
