Hello Ryan, after reading your blog post, I still have some doubts:
How does the profiling work with regard to restarting the web server? Are the collections saved to disk? How can the administrator restart the profiling process? Is it possible to selectively restart profiling based on host, URL or other application identifier? Thanks, Lucas On Thu, Feb 17, 2011 at 16:27, Ryan Barnett <[email protected]> wrote: > Hello everyone, > This email will most likely come as very welcomed news to most of you. We > have just released a ruleset to the OWASP CRS that implements a basic > framework for real-time application profiling - > http://blog.spiderlabs.com/2011/02/modsecurity-advanced-topic-of-the-week-real-time-application-profiling.html > > This initial version of the rules has the ability to profile and enforce the > following on a per-resource basis: > > * Request Method(s) > * Number of Parameters > * Parameter Names > * Parameter Length Ranges > * Parameter Types - numeric or alpha > > Please test out this ruleset and provide feedback on the OWASP CRS mail-list. > > Cheers, > Ryan > > > ________________________________ > This transmission may contain information that is privileged, confidential, > and/or exempt from disclosure under applicable law. If you are not the > intended recipient, you are hereby notified that any disclosure, copying, > distribution, or use of the information contained herein (including any > reliance thereon) is STRICTLY PROHIBITED. If you received this transmission > in error, please immediately contact the sender and destroy the material in > its entirety, whether in electronic or hard copy format. > > _______________________________________________ > Owasp-modsecurity-core-rule-set mailing list > [email protected] > https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set > -- Homo sapiens non urinat in ventum. _______________________________________________ Owasp-modsecurity-core-rule-set mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
