OWASP London Chapter December 6th Presentations Now Online

We've had a couple of very interesting presentations on the OWASP London Chapter December 6th meeting. They are now available for download from the Chapter page or directly from here: Adrian Pastor: Cracking into embedded devices and beyond! Rodrigo Marcos:...

ModSecurity 2.1.4 Now Available

ModSecurity 2.1.4 is the latest stable release of ModSecurity. The 2.1.4 release includes an updated version (1.5) of the Core Rules. This release also contains some fixes to multi-part form request handling as well as enhancements to allow better integration...

Installing ModSecurity

ModSecurity is a really powerful beast. It can do anything you want, at least when what you want concerns protecting your web applications. But you need to know how to tell it what you want, and this is not trivial...

ModSecurity Training at OWASP/WASC AppSec 2007

I am very excited to announce that I will be instructing a live 2-day ModSecurity Training class at the upcoming OWASP/WASC AppSec 2007 Conference in San Jose, CA on Nov. 12-13. Please see the website for a complete listing of...

ModSecurity 2.1.3 Now Available

ModSecurity 2.1.3 is the latest stable release of ModSecurity. The 2.1.3 release contains some enhancements to multipart form request handling as well as fixes for using custom error documents, using ModSecurity behind a proxy and using ModSecurity on older platforms....

Web Services Security

NIST has released a new guide on securing Web Services. It is a pretty good read for anyone who is planning to run WS, specifically Appendix A, which lists common WS attack categories such as: Reconnaissance Attacks, Privilege Escalation Attacks...

ModSecurity 2.1.2 Released

Today I released ModSecurity 2.1.2. This is the latest stable release of ModSecurity. The 2.1.2 release contains several small updates. Users are encouraged to upgrade. Notable changes as follows: Full-width Unicode is now decoded by the urlDecodeUni transformation function. Under...

Another ModSecurity Development Release

Last week I released the second ModSecurity development release, 2.5.0-dev2, in preparation for the next version of ModSecurity. Some may notice that this version is now 2.5.x, whereas the first development release was 2.2.x. Ivan and I decided that...

Optimizing Regular Expressions

As many of you have noticed, the Core Rule Set contains very complex regular expressions. For example: (?:\b(?:(?:s(?:elect\b(?:.{1,100}?\b(?:(?:length|count|top)\b.{1,100} ?\bfrom|from\b.{1,100}?\bwhere)|.*?\b(?:d(?:ump\b.*\bfrom|ata_type)| (?:to_(?:numbe|cha)|inst)r))|p_(?:(?:addextendedpro|sqlexe)c|... These regular expressions are assembled from a list of simpler regular expressions for efficiency reasons. A single optimized regular expression...

Apache Process Infection

A very interesting research paper titled "Apache Prefork MPM Vulnerabilities" was released a few days ago, as you can see in the corresponding Bugtraq post. The paper describes, in detail, the dangers of allowing third-parties to run code under the...

Managing ModSecurity Alerts: More Console Tuning

In a previous blog entry, I outlined a number of steps that you could take to increase the performance of the ModSecurity open source Console. While these tuning steps will certainly help to increase performance, there is still one big issue...

Universal PDF XSS Revisited

The Universal PDF XSS vulnerability was a tipping point for most people involved with web application security. Now we know the Web will never be secure for as long as we continue to use the exact same technologies we have in...