Sounds good Noël, There is plenty to do and it doesn't require as much knowledge as you might think. The beauty of CRS is that really the only complicated bits are the actual regex's themselves and we're not really changing many of those. Although I do hope to update two before we go to RC1 :). Christian, as always I am available to help with all the tasks or shepherd anyone on tasks which might be equally helpful. Of importance one of the tasks I've started is the OWASP CRS Documentation project. I made a separate repo for it and it's built in sphinx to make our lives easier. You can see it here: https://github.com/SpiderLabs/owasp-modsecurity-crs/tree/v3.0.0-rc1/documentation. I also added a script to compile it from the repo daily at: https://www.modsecurity.org/CRS/Documentation/ The actual project itself is a submodule (git term for subproject) which is hosted here: https://github.com/SpiderLabs/OWASP-CRS-Documentation If any of you want to translate it (in the future) etc that is fine but for 3.0 RC I want to at least have it done in English :). So I know that was one of Christian's tasks :-D.
-----Original Message----- From: owasp-modsecurity-core-rule-set-boun...@lists.owasp.org [mailto:owasp-modsecurity-core-rule-set-boun...@lists.owasp.org] On Behalf Of Noël Zindel Sent: Thursday, January 07, 2016 2:35 PM To: owasp-modsecurity-core-rule-set@lists.owasp.org Subject: Re: [Owasp-modsecurity-core-rule-set] Working on Paranoia-Mode for Core Rules 3.0.0 Hi Everyone, First, thanks Christian for bringing this project to life and setting up everything. I’m excited to work with you guys. Please note, as Christian already stated in his initial mail, I’m fairly new to ModSecurity and the Core Rules, even Apache is a topic I’m still scratching the surface. Nevertheless, I seem to understand the basics and I’m highly motivated to dig deeper. Reading through the tasks it appears to me that a good part requires at least an intermediate understanding of ModSec and the CRS - even though comparing the two rulesets and documenting the project should be possible even for me; I’ll sign up for that as soon as I have access to the wiki. I see myself more as additional “computing power”. So, if you need help with anything or got a task for me, let me know. Just answer right here or ping me at mail(at)noelzindel(dot)org. Regards, Noël > On 07 Jan 2016, at 08:54, Christian Folini <christian.fol...@netnea.com> > wrote: > > Dear all, > > As mentioned in my previous response to Walter, I got enough feedback > to form a little team to work on this. > > We created a wiki page on the OWASP wiki under the CRS > page: > > http://scanmail.trustwave.com/?c=4062&d=q8SO1hFqRJ-4DhnKjQ3xs__KQZH8Cx > r5CNJyUYRzpg&s=5&u=https%3a%2f%2fwww%2eowasp%2eorg%2findex%2ephp%2fOWA > SP%5fModSec%5fCRS%5fParanoia%5fMode > > I linked to this page from the main CRS page, where I introduced a > section about the upcoming 3.0.0 release. > > We will try and document our work on this new CRS mode on the said > wiki page. Technical discussions are supposed to be held in public, > likely on this mailinglist for future archiving. > > More helping hands are still welcome. You can can join formally by > sending me a message, or you can take part in the discussions here or > on the wiki. > > Cheers, > > Christian Folini > > > > -- > Those who would give up Essential Liberty to purchase a little > Temporary Safety, deserve neither Liberty nor Safety. > -- Benjamin Franklin > _______________________________________________ > Owasp-modsecurity-core-rule-set mailing list > Owasp-modsecurity-core-rule-set@lists.owasp.org > http://scanmail.trustwave.com/?c=4062&d=q8SO1hFqRJ-4DhnKjQ3xs__KQZH8Cxr5CNB1W4R3rA&s=5&u=https%3a%2f%2flists%2eowasp%2eorg%2fmailman%2flistinfo%2fowasp-modsecurity-core-rule-set ________________________________ This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. _______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
