[nycphp-talk] [OT] PHP IDS & Web Application Security

Ben Sgro (ProjectSkyLine) ben at projectskyline.com
Mon Sep 24 18:37:13 EDT 2007


Hello All, 

I thought some might find this interesting. A PHP based IDS for web apps.
I played around with it on the site and seems pretty cool.

FROM THE SITE:
PHPIDS (PHP-Intrusion Detection System) is a simple to use, well structured, fast and state-of-the-art security layer for your PHP based web application. The IDS neither strips, sanitizes nor filters any malicious input, it simply recognizes when an attacker tries to break your site and reacts in exactly the way you want it to. Based on a set of approved and heavily tested filter rules any attack is given a numerical impact rating which makes it easy to decide what kind of action should follow the hacking attempt. This could range from simple logging to sending out an emergency mail to the development team, displaying a warning message for the attacker or even ending the user's session.


The creators maintain a .xml with regex signatures used for detecting XSS, SQL, etc. attacks.

I've seen one site in the wild that's using it to protect itself. It makes me wonder though, 
as more of these solutions emerge, will we see less security conscious coding?

http://php-ids.org/news/

- Ben

I recently finished a security audit and pen test for a client. I couldn't believe the problems they had.
They found a developer off CL and with his impressive portfolio decided to work with him. Now my
firm, 8 months later, is fixing all the developer's mistakes. They had cookie based auth, file upload
exploits, xss, sql injection, ... you name it we could do it. Anyways, it's just sad to see these types of
moonlight coders calling themselves developers and doing an awful job at writing software and leaving
their clients exposed.
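
The post describes the PHPIDS model in three steps: match each request parameter against a set of regex signatures, sum a numerical impact for the rules that fire, and pick a reaction from that total without ever altering the input. The PHP below is an added illustration of that model written for this page; it is not PHPIDS code and does not use the project's rule file or API. The RequestMonitor class, the five rules and their impact scores, the reaction thresholds and the sample requests are all constructed for the example.

```php
<?php
// Added example (not PHPIDS code): a minimal signature-based request monitor in the
// style the post describes. Rules, impact scores, thresholds and sample requests are
// all constructed here for illustration; PHPIDS ships its own rule file and API.

declare(strict_types=1);

final class RequestMonitor
{
    /** @var array<int, array{name: string, regex: string, impact: int}> */
    private array $rules;

    public function __construct(array $rules)
    {
        $this->rules = $rules;
    }

    /**
     * Scan every parameter of a request and return the total impact plus the
     * rules that matched. The input itself is never stripped, sanitized or filtered.
     *
     * @param array<string, string> $params e.g. array_merge($_GET, $_POST)
     * @return array{impact: int, matches: list<string>}
     */
    public function scan(array $params): array
    {
        $impact = 0;
        $matches = [];
        foreach ($params as $key => $value) {
            // Decode once so a URL-encoded value is checked in the same form
            // the application would see it in.
            $value = rawurldecode((string) $value);
            foreach ($this->rules as $rule) {
                if (preg_match($rule['regex'], $value) === 1) {
                    $impact += $rule['impact'];
                    $matches[] = sprintf('%s (param "%s")', $rule['name'], $key);
                }
            }
        }
        return ['impact' => $impact, 'matches' => $matches];
    }

    /**
     * Map a total impact to one of the reactions the post lists: log, alert the
     * team, warn the user, or end the session. Thresholds are constructed.
     */
    public static function reaction(int $impact): string
    {
        if ($impact === 0) {
            return 'none';
        }
        if ($impact < 5) {
            return 'log';
        }
        if ($impact < 10) {
            return 'log+mail';
        }
        if ($impact < 20) {
            return 'warn-user';
        }
        return 'end-session';
    }
}

// Constructed rules: deliberately small and coarse. A real rule set is far larger
// and is tuned against false positives on legitimate traffic.
$rules = [
    ['name' => 'html-script-tag',       'regex' => '/<\s*script\b/i',                                            'impact' => 6],
    ['name' => 'js-event-handler',      'regex' => '/\bon[a-z]+\s*=/i',                                          'impact' => 4],
    ['name' => 'sql-comment',           'regex' => '/(--|\/\*|#)\s*$/',                                          'impact' => 3],
    ['name' => 'sql-boolean-tautology', 'regex' => '/\b(or|and)\b\s+[\'"]?\w+[\'"]?\s*=\s*[\'"]?\w+/i',         'impact' => 5],
    ['name' => 'path-traversal',        'regex' => '/(\.\.[\/\\\\]){2,}/',                                       'impact' => 4],
];

// Constructed sample requests standing in for $_GET / $_POST.
$requests = [
    'benign' => ['q' => 'php ids review', 'page' => '2'],
    'xss'    => ['comment' => '<script>alert(1)</script>'],
    'sqli'   => ['id' => "1' OR 'a'='a' --"],
];

$monitor = new RequestMonitor($rules);
foreach ($requests as $label => $params) {
    $result   = $monitor->scan($params);
    $reaction = RequestMonitor::reaction($result['impact']);
    // Logging is the baseline reaction; wiring up mail, a warning page or
    // session_destroy() for the higher tiers is the application's decision.
    error_log(sprintf('[%s] impact=%d reaction=%s matches=%s',
        $label, $result['impact'], $reaction, implode(', ', $result['matches']) ?: '-'));
    echo "$label: impact={$result['impact']} reaction=$reaction\n";
}
```

Run it with `php monitor.php`; the benign request scores 0, the constructed XSS and SQL injection samples score 6 and 8 and land in the `log+mail` tier. Two design points carry over from the post: the monitor only observes and reacts, so the application still has to validate its own input and use parameterized queries, and the impact score is what turns a pile of regex hits into a single decision a handler can act on. Signature rules like these also miss anything they were not written for, which is the practical answer to Ben's closing question: a detection layer is a second line, not a substitute for security-conscious coding.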

