Mod_Security.pdf
(
4252 KB
)
Pobierz
Slide 1
Web Intrusion Detection And Prevention
SANS@Night - Mod_Security
Author: Ryan C. Barnett
Presentation: Mod_Security – An Intrusion Prevention module for Apache
Email: RCBarnett@hushmail.com
Date: Dec. 4th, 2003
Copyright © 2003 Ryan C. Barnett
All Rights Reserved
Slide 2
Who Am I?
• Center for Internet Security’s Apache Benchmark Project
Team Leader
• Web Application Security Consortium (WASC) Member
• Member of SANS Top 20 Vulnerabilities Team
• SANS Instructor – Securing Apache
– Intrusion Analyst (GCIA)
– Forensic Analyst (GCFA)
– Incident Handler (GCIH)
– Unix Security (GCUX)
– Security Essentials (GSEC)
• Incident Response Team Member
SANS@Night - Mod_Security
This page intentionally left blank.
Slide 3
What Will This Presentation Cover?
• Why current network security strategies
fail to protect the web tier
• Why Firewalls, NIDS and HIDS fails
• Introducing Mod_Security
• Whisker vs. Mod_Security
– Common web attacks with Mod_Security
countermeasures
• Real Examples
SANS@Night - Mod_Security
This page intentionally left blank.
Slide 4
Updated Class Slides Available
• SANS has quarterly updates for course
content
• Unfortunately, Whitehat/Blackhat tools
and tactics are NOT on this schedule!
• I am constantly updating the live
presentation to provide current info
• Class participants can download
updated PDF slides
SANS@Night - Mod_Security
http://apachebenchmark.sourceforge.net/Mod_Security.zip
This page intentionally left blank.
Slide 5
What Will This Presentation Cover?
• Mixed Audience
– Technical – Web Admins/Security Admins
– Management – Information Security Officers
• Basic Knowledge of Unix and Web Administration
– HTTP – Web Servers
• Focus on Apache/Unix Servers (RedHat for Examples)
• Discuss many web security strategies
• Dragnet Approach
– Examples ARE real – Names/IPs have been changed or removed
• Ask Questions
– If you don’t understand an issue ask – This is YOUR class
– Q&A sessions before/after breaks
SANS@Night - Mod_Security
This page intentionally left blank.
Plik z chomika:
xterm
Inne pliki z tego folderu:
ModSecurity2_Rule_Language.pdf
(240 KB)
Mod_Security.pdf
(4252 KB)
ModSecurity2_Deployment.pdf
(814 KB)
ModSecurity_Core_Rules.pdf
(1031 KB)
ModSecurity_The_Open_Source_Web_Application_Firewall_Nov2007.pdf
(556 KB)
Inne foldery tego chomika:
cbt nuggets - security+ exam study videos - www.gurufuel.com
cbt nuggets certified ethical hacker v5 videos [2010] - www.gurufuel.com
cbt nuggets cissp v
database.th3-0utl4ws.com
htp5
Zgłoś jeśli
naruszono regulamin