Posted in ISC on June 14th, 2010 by ISC Handler
I am a fan of modsecurity (http://www.modsecurity.org/) as a fast and cheap way to get decent protection for application layer attacks. But,as you know, risks are increasing andwhenthe risk analysisperformed to your organization shows that applicationdisruptions have a big impact tothe core business,it's time tostrengthen controls and think about delivering protection from the code itself. I have founduseful PHPIDS library, whichdetectsXSS, SQL Injection, header injection, directory traversal, DoS and LDAP attacks. Since it works from code, you can get the output and send it to your favorite alert vault to correlate security events.
Version 0.6.4 was recently released. Moreinformation athttp://php-ids.org/2010/06/06/phpids-0-6-4-is-ready/
Want to use same functionality in perl? Tryhttp://search.cpan.org/dist/CGI-IDS/lib/CGI/IDS.pm.It isbasedon php-ids.
-- Manuel Humberto Santander Pelez | http://twitter.com/manuelsantander | http://manuel.santander.name | msantand at isc dot sans dot org (c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
Version 0.6.4 was recently released. Moreinformation athttp://php-ids.org/2010/06/06/phpids-0-6-4-is-ready/
Want to use same functionality in perl? Tryhttp://search.cpan.org/dist/CGI-IDS/lib/CGI/IDS.pm.It isbasedon php-ids.
-- Manuel Humberto Santander Pelez | http://twitter.com/manuelsantander | http://manuel.santander.name | msantand at isc dot sans dot org (c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
Tags: News
