Professional Documents
Culture Documents
com>
Web Intrusion Detection
with ModSecurity
2 / 50 Web Intrusion Detection with ModSecurity
Aim of This Talk
Introduce ModSecurity
It wi take a whie.
It is not easy.
:vasion is a probem.
Syso"
,revention is possibe.
25 / 50 Web Intrusion Detection with ModSecurity
Web IDS Strate#ies ,'-
Cetwork;based6
Web server;based6
Simpe defence6
Rue;based6
#nomay;based6
#udit o""in".
:scapin"6 /etc/"assw?d
:3ampes6
.ustomisation is necessary
/ 50 Web Intrusion Detection with ModSecurity
%SS &s( 3ommercial ,'-
.ommercia6
#ppiance back;bo3es.
Kery e3pensive.
$ / 50 Web Intrusion Detection with ModSecurity
%SS &s( 3ommercial ,2-
%pen Source6
It is a reverse pro3y.
modNpro3y
modNpro3yNhtm
modNsecurity
2 / 50 Web Intrusion Detection with ModSecurity
ModSecurity /eatures ,'-
#udit o""in".
,revent with6
Sec/ilterSelecti&e A5F8authorised A9GHA
Sec/ilterSelecti&e 3%%II78authorised A9GHA
$ / 50 Web Intrusion Detection with ModSecurity
Ad&anced 5ule 7<am"le