mod_protection 0.0.2 relased!! Date: Monday, March 18 2002 Topic: Security mod_protection is an apache module that integrate basic function of an IDS (intrusion detection system) and of a firewall (just an emulation for now). Your apache administrator have only to install mod_protection and define rules. Obviously you see that a normal NIDS can't check SSL tunneled stuff and that mod_protection can. When a malicious client sends a request that matches on your rules the administrator will be warned and the client gets a user defined page or a error or something that notifies that now he will be persecuted or ... The warning system just write on a socket, so you can put on the other side of the socket an application that send you a mail, an SMS, a message in your favourite IM or a notify in your IRC client, or why not open a message box on your usual box. What's new? 0.0.2 -> introduction of three new directives: BlockTime and PairAlert PairAlertMatch. BlockTime introduce a partial emulation of firewall. Test with CGI scanner. A little more documentation. Rules in an external file. Changed in GPL because Apache license doesn't make sense for this module. DIRECT DOWNLOAD HERE (always avaliable in file archive -> security -> monitor site: http://www.twlc.net/ software: http://www.twlc.net/download.php This article comes from osforge.com http://www.osforge.com The URL for this story is: http://www.osforge.com/news/00620.html