Leonardo wrote: > > Jean, > > On my Msc thesis I finished last year, I proposed an IDS/IPS > architecture > and developed what I call Application-based sensor. > In this sense, I debugged Apache behavior and catch the requests after > they > were decrypted and before they were processed by the app server.
How is it different than ModSecurity? > > BTW, Did you check about WAF - Web Application firewall?? > > Regards, > ~ Ofer Ofer Shezaf [EMAIL PROTECTED], Phone:+972-9-9560036 #212, Cell: +972-54-4431119 CTO, Breach Security; Chair, OWASP Israel; Leader, ModSecurity Core Rule Set Project; Leader, WASC Web Hacking Incidents Database Project ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
