Saturday, April 21, 2007

Pour logger le traffic sur un serveur Apache

clipped from

ModSecurity for Apache

HTTP Traffic Logging

Web servers are typically well-equipped to log traffic in a form useful for marketing analyses, but fall short when it comes to logging of traffic to web applications. In particular, most are not capable of logging the request bodies. Your adversaries know this, and that is why most attacks are now carried out via POST requests, rendering your systems blind.

Real-Time Monitoring and Attack Detection

Attack Prevention and Just-in-time Patching

Flexible Rule Engine

Embedded Deployment

Network-Based Deployment

ModSecurity is known to work well on a wide range of operating systems. Our customers are successfully running it on Linux, Windows, Solaris, FreeBSD, OpenBSD, NetBSD, AIX, Mac OS X, and HP-UX.

Negative security model.
Known weaknesses and vulnerabilities.
Positive security model.
powered by clipmarksblog it