Hello Hiranmayi,
Having them would be very interesting of course.
It is not so clear how far you can get. I usually declare that ModSec is no
good at fighting standard DoS attacks. As for websockets, you may face a problem
where ModSecurity does not give you proper access to the traffic in question.
Checking standard HTTP headers should not be a problem, though, and writing a
few rules for the websocket use case seems feasible.
Ahoj,
Christian
On Thu, May 17, 2018 at 05:44:09PM +, Hiranmayi Palanki wrote:
> Hello Christian and Team,
>
> I'm interested in the community's thoughts on having CRS rules or Custom
> Rules for detecting attacks against WebSocket connections, specifically DoS
> and Websocket header tampering.
>
> Thanks.
>
> ___
> Owasp-modsecurity-core-rule-set mailing list
> Owasp-modsecurity-core-rule-set@lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
--
https://www.feistyduck.com/training/modsecurity-training-course
https://www.feistyduck.com/books/modsecurity-handbook/
mailto:christian.fol...@netnea.com
twitter: @ChrFolini
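
Added example, not part of the original thread and not CRS code: a sketch of custom ModSecurity rules that validate the standard HTTP headers of a WebSocket opening handshake (RFC 6455), the part of the traffic the reply above expects to be reachable. The rule ids, the marker name and the allowed Origin are constructed placeholders; the rules look only at the handshake request, not at anything sent after the upgrade.

```apache
# Added example. Ids 100100-100150 are placeholders from a local id range.

# Leave this block early unless the request asks for a WebSocket upgrade.
SecRule &REQUEST_HEADERS:Upgrade "@eq 0" \
    "id:100100,phase:1,pass,nolog,skipAfter:END_WEBSOCKET_HANDSHAKE"
SecRule REQUEST_HEADERS:Upgrade "!@rx ^websocket$" \
    "id:100101,phase:1,pass,t:none,t:lowercase,nolog,\
    skipAfter:END_WEBSOCKET_HANDSHAKE"

# RFC 6455, section 4.1: the opening handshake is a GET request.
SecRule REQUEST_METHOD "!@streq GET" \
    "id:100110,phase:1,deny,status:400,log,\
    msg:'WebSocket handshake: method is not GET',\
    logdata:'%{MATCHED_VAR}'"

# The Connection header must be present and carry the Upgrade token.
SecRule &REQUEST_HEADERS:Connection "@eq 0" \
    "id:100120,phase:1,deny,status:400,log,\
    msg:'WebSocket handshake: Connection header missing'"
SecRule REQUEST_HEADERS:Connection "!@rx (?:^|,)\s*upgrade\s*(?:,|$)" \
    "id:100121,phase:1,deny,status:400,t:none,t:lowercase,log,\
    msg:'WebSocket handshake: Connection header lacks Upgrade token',\
    logdata:'%{MATCHED_VAR}'"

# Exactly one Sec-WebSocket-Key, and it must be a base64-encoded 16-byte nonce
# (22 base64 characters followed by two padding characters).
SecRule &REQUEST_HEADERS:Sec-WebSocket-Key "!@eq 1" \
    "id:100130,phase:1,deny,status:400,log,\
    msg:'WebSocket handshake: Sec-WebSocket-Key missing or repeated'"
SecRule REQUEST_HEADERS:Sec-WebSocket-Key "!@rx ^[A-Za-z0-9+/]{22}==$" \
    "id:100131,phase:1,deny,status:400,t:none,log,\
    msg:'WebSocket handshake: malformed Sec-WebSocket-Key'"

# Exactly one Sec-WebSocket-Version, and RFC 6455 defines version 13.
SecRule &REQUEST_HEADERS:Sec-WebSocket-Version "!@eq 1" \
    "id:100140,phase:1,deny,status:400,log,\
    msg:'WebSocket handshake: Sec-WebSocket-Version missing or repeated'"
SecRule REQUEST_HEADERS:Sec-WebSocket-Version "!@streq 13" \
    "id:100141,phase:1,deny,status:400,t:none,log,\
    msg:'WebSocket handshake: unsupported version',\
    logdata:'%{MATCHED_VAR}'"

# If an Origin header is sent, it must be the application's own origin.
# https://app.example.com is a placeholder; a request without Origin
# (a non-browser client) is not matched by this rule.
SecRule REQUEST_HEADERS:Origin "!@streq https://app.example.com" \
    "id:100150,phase:1,deny,status:403,t:none,log,\
    msg:'WebSocket handshake: Origin not allowed',\
    logdata:'%{MATCHED_VAR}'"

SecMarker END_WEBSOCKET_HANDSHAKE
```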