I finished reading the ModSecurity 2.5 book, written by Magnus Mischell and published by Packt Publishing. I found a lot of interest reading it as I was already using ModSecurity – and I think anyone exposing an Apache web server should. I was actually using it partially. It is not trivial to secure a web [...]
Archive of posts filed under the IDS / IPS category.
Promiscuous mode detection
Detectpromisc is a python script based on Scapy, that allows to detect if a computer is sniffing the network. By nature, it is quite difficult to detect if a machine is sniffing, because it operates passively, receiving all packets from the wire but, normaly, answering only to packets destinated to itself. There are however several [...]
DecaffenatID : a little ARP IDS for Windows
DecaffeinatID is a tool for Windows that can be very useful against ARP attacks.
