Showing 38 results for: 2011 ×ModSecurity Rules ×

Announcing Release of OWASP ModSecurity Core Rule Set v2.2.0

-------------------------- The ModSecurity Development Team is pleased to announce the release of the OWASP ModSecurity Core Rule Set v.2.20. There are many significant improvements as listed below from the CHANGES file. -------------------------- Version 2.2.0 - 05/26/2011 -------------------------- Improvements: - Changed...

Unicode Visual Spoofing for Good: Confusable CAPTCHAs

In this blog post, I will show a proof of concept method of leveraging Unicode Visual Spoofing/Lookalikes for use in a CAPTCHA to help prevent automated bots from scraping pages and autosubmitting data. Unicode Visual Spoofing/Lookalikes An in-depth discussion of...

ModSecurity Advanced Topic of the Week: Integrating IDS Signatures

Snort Web Attack Rules You may be familiar with the Emerging Threats project. They have a few Snort rules files related to known web application vulnerabilities and attacks: emerging-web_server.rules emerging-web_specific_apps.rules Identifying attacks against known vulnerabilities does have value in the...

Detecting Malice with ModSecurity: Open Proxy Abuse

This week's installment of Detecting Malice with ModSecurity will discuss how to detect potential open proxy abuse. HTTP Proxies excerpt section of Robert "Rsnake" Hansen's book "Detecting Malice" - HTTP Proxies HTTP proxies are specialized server applications designed to make...

ModSecurity Advanced Topic of the Week: Malware Link Detection

Planting of Malware Planting of malware links into legitimate websites in order to conduct "Drive-by-Downloads" attacks against end-users is a serious concern. Check out the WASC WHID entries for "Planting of Malware" for some real-world examples. Unfortunately for web site...

Java Floating Point DoS Attack Protection

As many of you may have heard, there is an interesting Java DoS scenario out - http://www.exploringbinary.com/php-hangs-on-numeric-value-2-2250738585072011e-308/ http://blog.fortify.com/blog/2011/02/08/Double-Trouble http://blogs.adobe.com/asset/2011/02/year-of-the-snail.html When I first saw this issue, I quickly tweeted out a modsec rule that would identify if anyone submitted the example...

Detecting Malice with ModSecurity: CSRF Attacks

This week's installment of Detecting Malice with ModSecurity will discuss how to detect and prevent Cross-Site Request Forgery (CSRF) Attacks. Example CSRF Section of Robert "Rsnake" Hansen's book "Detecting Malice" - One form of attack that is widely found to...