This is FP's Typepad Profile.
FP
Recent Activity
I like this approach (I use Bayesian for other processes such as adult site detection, malware detection, ...), which should be generalized with other VARS (REMOTE_ADDRESS, autonomous system number, HOUR, etc.).
But I have some difficulties: ham.cfc is growing, not spam.cfc, even with an sqlmap...
It seems that, if a rule matches, ModSecurity never goes to the Bayesian rules. Even with SecAction id 900004...
Am I missing something?
Web Application Defense: Bayesian Attack Analysis
Regular Expressions for Input Validation
If your web application defensive strategy against injection attacks relies solely upon the use of blacklist regular expression for input validation, it is only a matter of time before an attacker finds an evasion. Want proof? Check out our SQL Injectio...
FP is now following TypePad France
May 11, 2013