Just added these new OWASP AppSensor Detection Point checks to the CRS in trunk. These take the place of the older modsecurity_crs_profiler.conf file. This new setup allows for more modular AppSensor checks. I also added in an interesting HoneyTrap check using new ModSecurity v2.6 @rsub capabilities.
-Ryan On 4/18/11 5:37 PM, "[email protected]" <[email protected]> wrote: >Revision: 1727 > >http://mod-security.svn.sourceforge.net/mod-security/?rev=1727&view=rev >Author: rcbarnett >Date: 2011-04-18 21:37:15 +0000 (Mon, 18 Apr 2011) > >Log Message: >----------- >- Added new AppSensor rules to experimental_dir > https://www.owasp.org/index.php/AppSensor_DetectionPoints >- Added new HoneyTrap AppSensor Rules to detect fake hidden parameter >tampering > https://www.owasp.org/index.php/AppSensor_DetectionPoints#Honey_Trap > >Modified Paths: >-------------- > crs/trunk/CHANGELOG > >Added Paths: >----------- > >crs/trunk/experimental_rules/modsecurity_crs_40_appsensor_detection_point_ >2.0_setup.conf > >crs/trunk/experimental_rules/modsecurity_crs_40_appsensor_detection_point_ >2.1_request_exception.conf > >crs/trunk/experimental_rules/modsecurity_crs_40_appsensor_detection_point_ >2.9_honeytrap.conf > >crs/trunk/experimental_rules/modsecurity_crs_40_appsensor_detection_point_ >3.0_end.conf > >Removed Paths: >------------- > crs/trunk/experimental_rules/modsecurity_crs_40_profiler.conf > > >This was sent by the SourceForge.net collaborative development platform, >the world's largest Open Source development site. > This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. _______________________________________________ Owasp-modsecurity-core-rule-set mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
