- site: http://www.modsecurity.org
http://www.webapp.com/login.php?username=admin';drop%20table%20users--
secfilter "drop[[:space:]]table"
--> installing
- ln -s /etc/httpd/2.0/conf/mod_security-snortrules.conf /etc/httpd/conf/
--> configuring
- secauditengine on
enables mod_security logging
see: /var/log/httpd/audit_log
- secfilterdebuglevel 2
log level in debug mode
see: /var/log/httpd/mod_sec_debug_log
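The directives above gathered into one mod_security 1.x block, as an added example that is not part of the original notes. SecFilterEngine, SecFilterCheckURLEncoding, SecFilterScanPOST, the SecFilterDefaultAction value and the two log-file directives are assumptions about a typical setup; the log paths, the debug level and the drop-table rule are the ones in the notes.

```apache
# Added example for mod_security 1.x (not from the original notes).
<IfModule mod_security.c>
    # Assumption: turn the filtering engine on; without it no SecFilter rule runs
    SecFilterEngine On

    # Assumption: reject requests with invalid URL encoding and also scan POST bodies
    SecFilterCheckURLEncoding On
    SecFilterScanPOST On

    # Assumption: action applied when a rule matches (block with 403 and log the hit)
    SecFilterDefaultAction "deny,log,status:403"

    # Audit logging, written to the path listed in the notes
    SecAuditEngine On
    SecAuditLog /var/log/httpd/audit_log

    # Debug logging at level 2, written to the path listed in the notes
    SecFilterDebugLog /var/log/httpd/mod_sec_debug_log
    SecFilterDebugLevel 2

    # Rule from the notes. Matching happens after URL decoding, so the
    # "drop%20table" in the sample login.php request is seen as "drop table".
    SecFilter "drop[[:space:]]table"
</IfModule>
```

With the default action above, a blocked request returns 403 and leaves an entry in the audit log; level 2 debug logging is verbose and is normally lowered once the rules behave as expected.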
--> testing
http://127.0.0.1/cgi-bin/test.cgi?/bin/ls
- mkdir modsecurity
- cd modsecurity
- wget http://www.gotroot.com/downloads/ftp/mod_security/apache2/apache2-gotrootrules-latest.tar.gz
- edit: vi /etc/httpd/modules.d/82_mod_security.conf
include /etc/httpd/conf/modsecurity/apache2/exclude.conf
#additional rules for apache 2.x only! do not add this line if you use apache 1.x
include /etc/httpd/conf/modsecurity/apache2/apache2-rules.conf
- restart apache
--> sources:
http://www.onlamp.com/pub/a/apache/2003/11/26/mod_security.html
http://www.onlamp.com/pub/a/apache/2005/12/01/modsecurity.html?page=4
http://www.securityfocus.com/infocus/1739
http://www.modsecurity.org/download/rules/modsecurity-hardening.conf
http://www.modsecurity.org/documentation/modsecurity-apache-manual-1.9.2.html
http://www.gotroot.com/tiki-index.php?page=setup+of+mod_security
- servertokens prod
- serversignature off
--> sources:
http://wiki.linuxquestions.org/wiki/securing_apache
http://www.securityfocus.com/infocus/1694
http://www.linux.com/article.pl?sid=04/07/09/1935231