mod_protection 0.0.2 relased!!
| mod_protection is an apache module that integrate basic function of an IDS
|
(intrusion detection system) and of a firewall (just an emulation for now).
Your apache administrator have only to install mod_protection and define
rules.
Obviously you see that a normal NIDS can't check SSL tunneled stuff and that
mod_protection can.
When a malicious client sends a request that matches on your rules the
administrator will be warned and the client gets a user defined page or a error
or something that notifies that now he will be persecuted or ...
The warning system just write on a socket, so you can put on the other side
of the socket an application that send you a mail, an SMS, a message in your
favourite IM or a notify in your IRC client, or why not open a message box on
your usual box.
What's new? 0.0.2 ->
introduction of three new directives:
BlockTime and PairAlert PairAlertMatch.
BlockTime introduce a partial emulation of firewall.
Test with CGI scanner.
A little more documentation.
Rules in an external file.
Changed in GPL because Apache license doesn't make sense for this module.
DIRECT DOWNLOAD HERE (always avaliable in file archive -> security -> monitor
site: http://www.twlc.net/
software: http://www.twlc.net/download.php
| | |
|
| Reader Rating from 1-5 |
|
|
|
|
|
|
 Currently there are no Talkback posted on "mod_protection 0.0.2 relased!!", Click here to be the first to post a talkback.
|
|
|
| |
