Pantek Library
Hosting Provided By
CybrHost
High Speed Hosting
Mailing Lists: securityfocus.com > webappsec > 02 > 120149.html (Request Expert securityfocus.com Support)

Re: Apache module: mod_security

From: Bill Burge <bill(at)Burge.com>
Date: Tue Dec 10 2002 - 10:31:12 EST

After a cursory glance, other than removing a some abstraction and making configuration a little more staight forward; I'm not sure how this differs from what can be done with mod_rewrite.

I didn't see anything in the attributes list that I can't reveiw and take action on with rewrite rules. With mod_rewrite, I can perform other options than blocking and logging. I can send them to a page of my choice (and a few stinkers come to mind! ;-). I can route their traffic back to themself. I can redirect/proxy them off to a honeypot, etc.

While this might be a good first step in the right direction (I spend a lot of time carving apache into a webbased application level gateways); I'd like to see a lot more than a simpler conf language and a gui (actually you can keep the gui).

  1. how about using snort rules natively
  2. how about data collection on the source of the connection
  3. how about notifications
  4. how about fat free donuts that don't taste like sawdust (oops! I gott get more sleep! :-)

The author's web site mentions some dissatisfaction with mod-rewrite but, other than payload examination, doesn't go into specifics. I'd like to hear more. The site is a little sparse of specifics.

I hope this keeps going, and more people get involved. I'll probably be pulling this down and looking at it for our environment. Even if I don't put it into production, it bears watching...

Bill Burge
Info Sec Officer
places, stuff....

  • REPLY SEPARATOR ***********
On 12/10/2002 at 9:31 AM Dave Aitel wrote:

>That's really cool! I think one of the salient features of it you didn't
Received on Tue Dec 10 10:47:10 2002

Do you need help?X

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:46 EDT

Contact Us  Legal Notices  Order Services Online 
Pantek Home  Privacy Policy  IT news  Site Map  Pantek Library