Re: mod_security rule database

[NightHawk <nighthawk () easyservermanagement com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I think that is a wonderful idea, anytime everyone pools thier knowledge I 
feel it is an advantage to the community as a whole.  It will be especially 
usefull to newer admins who otherwise might never try modsecurity (due to 
fear of learning curve).

NH

On Friday 31 October 2003 12:25 pm, Ivan Ristic wrote:
> I have this idea about creating a mod_security
> rule database, similar to what the Snort folks
> have. My very rough notes are available here:
>
> http://www.modsecurity.org/download/modsec-ruledb.txt
>
> I am well aware of the VulnXML and OASIS WAS efforts
> but I feel the focus of the mod_security rule
> database would be different. I want to create something
> really easy to use, a tool that would help people
> protect themselves (automatic updates perhaps).
>
> For example, accessing an URL such as:
> http://www.modsecurity.org/rules/download/phpgroup/php/4.3/
>
> would produce rules to patch PHP 4.3 vulnerabilities.
>
> Would someone care to contribute an opinion on this
> subject?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQE/oqi8b58ZIoF+byQRAmDeAJ935jAvvDTR99LKJgiQ9qLDSFKXEQCglFFh
UEkG8WZASPSoScS1nH7Gn7k=
=LhPs
-----END PGP SIGNATURE-----