Salam.. pegawai 44 buat keje ni ? waaa.. kalau la pegawai 44 kat tempat aku buat benda yang sama kan best.. kurang sket beban kami pekerja bawahan ni :D
tahniah2... teruskan usaha :D Quoting ApOgEE <[email protected]> on Sun, 5 Sep 2010 16:00:26 +0800: Salam, On Sun, Sep 5, 2010 at 2:29 PM, Muzamir Mokhtar <[email protected]> wrote: Salam, I have setup mod_security in my httpd. I have use rules from owasp. I have enable the rules and use the default ruleset. I have enable audit log. Question : 1) How do i know my mod_security is working properly? test it using all common attacks that it should be blocking. http://www.owasp.org/index.php/Category:Attack http://www.owasp.org/index.php/Testing_for_Cross_site_scripting 2) Is there any additional modification i need to do in order to block the vulnerable attack such as sql injection, xss, spam comment and others. sanitize your input to prevent SQL injection http://www.owasp.org/index.php/Guide_to_SQL_Injection Please do advice me on this. -- Muzamir bin Mokhtar, Pegawai Teknologi Maklumat (F44) Unit Operasi Bahagian Teknologi Maklumat Pej SUK Pahang TEL : 095129424/425 FAX : 095163490 http://muzzoshah.blogspot.com http://muzzotechspot.blogspot.com ---------------------------------------------------------------- DISCLAIMER: This e-mail and the attachment is from State Government of Pahang, Malaysia. It is intended solely for the person to whom they are addressed and may be confidential and privileged. If you are not the intended recipient, you are notified that disclosing, distributing, copying or taking any action in reliance of the content of this information is strictly prohibited. Please notify the sender immediately if you have received this e-mail and delete it from your system. The recipient should check the e-mail and any attachment for the presence of viruses that could be transmitted via e-mail. Email transmission cannot be guaranteed to be secure or error free as information could be intercepted, corrupted, lost, destroyed, incomplete or contain viruses. State Government of Pahang, Malaysia accepts no liability for any errors or omissions in the contents of this message which arises as a result of e-mail transmission. Opinions, conclusions and other information in this e-mail that does not relate to the official business of State Government of Pahang, Malaysia shall be understood as neither given nor endorsed by State Government of Pahang, Malaysia. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. _______________________________________________ Owasp-Malaysia mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-malaysia OWASP Malaysia Wiki http://www.owasp.org/index.php/Malaysia OWASP Malaysia Wiki Facebook http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420 -- Best Wishes, M. Fauzilkamil Zainuddin ---------------------------------------------------- ApOgEE a.k.a JeRuNgKuN ---------------------------------------------------- https://edge.launchpad.net/~apogee - ApOgEE on LaunchPad http://artofapogee.blogspot.com - Art Of ApOgEE http://coderstalk.blogspot.com - Coder's Talk ----------------------------------------------------
_______________________________________________ Owasp-Malaysia mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-malaysia OWASP Malaysia Wiki http://www.owasp.org/index.php/Malaysia OWASP Malaysia Wiki Facebook http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
