![]() ![]() The mod_security product covered here can be placed in front of any Web server (Apache is not required). AQTRONIX lends itself to deploying in IIS environments and mod_security in Apache environments. ![]() There are two well known open source WAFs: AQTRONIX and ModSecurity. The PCI DSS requires either the deployment of WAFs or manual procedures to ensure security is being applied. For example, a request to a specific compromised version of a cgi program may come in as, which can be blocked based upon its signature.īesides the additional security afforded by application aware firewalls, may organizations need to deploy WAFs to support payment card industry (PCI) projects to become compliant with the PCI DSS as required by Visa and Master Card. With signatures, the payload within the payload of the packet (for example http) is inspected for specific signatures of hacks. With protocol awareness, deep packet inspection may look at things such as protocol versions, protocol inconsistencies, invalid requests, domain name resolution checking, and other methods that are easily identified as being out of the norm. Deep packet inspection detects anomalies in two ways: protocol awareness and signatures. A WAF looks beyond the traditional IP and TCP/UDP and examines the payload to determine if the traffic is malicious. A typical firewall examines the IP address, the protocol (TCP or UDP) and the port to determine if the traffic is authorized. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |