[Owasp-appsensor-project] New Unexpected Type/Quantity Detection Points

Colin Watson colin.watson at owasp.org
Tue Nov 2 03:39:47 EDT 2010


Ryan

I think these are worth adding.  They are more general cases of the
AuthenticationException ones.  It is good to have both since
thresholds and responses may be different.

I have a chart of relationships between detection points in my
presentation next week at AppSec DC 2010.  RE7 and RE8 won't be on it
though!

Colin

On 1 November 2010 18:47, Ryan Barnett <rcbarnett at gmail.com> wrote:
> I suggest that we add a new Detection Point in the RequestException category
> similar to the following AuthenticationException ones -
>
> 2.2.4 AE4: Unexpected Quantity of Characters in Username
> <http://www.owasp.org/index.php/AppSensor_DetectionPoints#AE4:_Unexpected_Quantity_of_Characters_in_Username>
> 2.2.5 AE5: Unexpected Quantity of Characters in Password
> <http://www.owasp.org/index.php/AppSensor_DetectionPoints#AE5:_Unexpected_Quantity_of_Characters_in_Password>
> 2.2.6 AE6: Unexpected Type of Character in Username
> <http://www.owasp.org/index.php/AppSensor_DetectionPoints#AE6:_Unexpected_Type_of_Character_in_Username>
> 2.2.7 AE7: Unexpected Type of Character in Password
> <http://www.owasp.org/index.php/AppSensor_DetectionPoints#AE7:_Unexpected_Type_of_Character_in_Password>
>
> Instead of only focusing in on username/password parameters, the detection
> should be something like -
>
> 2.1.7 RE7: Unexpected Quantity of Characters in Parameter
> 2.1.8 RE8: Unexpected Type of Characters in Parameter
>
> BTW – I am working on these types of application profiling/learning
> detection points for additions to the ModSecurity CRS.
>
> -Ryan
>
> _______________________________________________
> Owasp-appsensor-project mailing list
> Owasp-appsensor-project at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-appsensor-project
>
>
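As an added illustration of the RE7/RE8 proposal above, and of the point in the reply that the AE4-AE7 and RE7/RE8 detection points can coexist with different thresholds and responses, the following Python is example code written for this page; it is not part of the thread, of the AppSensor project or of the ModSecurity CRS. The per-parameter profiles, length limits, character classes, thresholds and response names are constructed assumptions.

```python
import re
from collections import Counter
from dataclasses import dataclass


@dataclass(frozen=True)
class ParamProfile:
    """Hypothetical expected shape of one request parameter."""
    max_length: int
    allowed: re.Pattern        # regex the whole value must match
    quantity_dp: str           # detection point raised on a length violation
    type_dp: str               # detection point raised on a character-class violation


# Credential parameters get the specific AE detection points (assumed limits).
PROFILES = {
    "username": ParamProfile(64, re.compile(r"^[A-Za-z0-9._@-]*$"), "AE4", "AE6"),
    "password": ParamProfile(128, re.compile(r"^[\x20-\x7e]*$"), "AE5", "AE7"),
}
# Any other parameter falls back to the generic RE7/RE8 points proposed in the thread.
DEFAULT_PROFILE = ParamProfile(256, re.compile(r"^[A-Za-z0-9 .,'_@-]*$"), "RE7", "RE8")


@dataclass(frozen=True)
class Event:
    detection_point: str
    parameter: str
    detail: str


def inspect_request(params: dict) -> list:
    """Check each parameter against its profile and return the detection events raised."""
    events = []
    for name, value in params.items():
        profile = PROFILES.get(name, DEFAULT_PROFILE)
        if len(value) > profile.max_length:
            events.append(Event(profile.quantity_dp, name,
                                f"length {len(value)} > {profile.max_length}"))
        if not profile.allowed.fullmatch(value):
            bad = sorted({c for c in value if not profile.allowed.fullmatch(c)})
            events.append(Event(profile.type_dp, name, f"unexpected characters {bad!r}"))
    return events


# Assumed per-detection-point thresholds and per-family responses. Keeping the
# AE and RE families separate is what lets credential parameters carry a lower
# threshold and a stronger response than an arbitrary parameter.
THRESHOLDS = {"AE4": 2, "AE5": 2, "AE6": 2, "AE7": 2, "RE7": 5, "RE8": 5}
RESPONSES = {"AE": "lock account", "RE": "log and alert"}


class Monitor:
    """Accumulates events per user and decides when a response is due."""

    def __init__(self):
        self.counts = Counter()   # (user, detection point) -> events seen so far

    def record(self, user: str, events: list) -> list:
        """Count the events for a user; return responses whose threshold is reached."""
        responses = []
        for ev in events:
            key = (user, ev.detection_point)
            self.counts[key] += 1
            if self.counts[key] == THRESHOLDS[ev.detection_point]:
                responses.append((ev.detection_point, RESPONSES[ev.detection_point[:2]]))
        return responses


if __name__ == "__main__":
    # Constructed sample requests: one benign, one over-long username, one odd search term.
    monitor = Monitor()
    for request in ({"username": "alice", "password": "s3cret!", "q": "shoes"},
                    {"username": "a" * 65},
                    {"username": "a" * 65},
                    {"q": "100%off"}):
        found = inspect_request(request)
        for ev in found:
            print(f"{ev.detection_point} on {ev.parameter}: {ev.detail}")
        for dp, action in monitor.record("alice", found):
            print(f"threshold reached for {dp}: {action}")
```

The profile lookup is the whole difference between the two families: the same length and character-class checks run for every parameter, but the identifier under which the event is recorded decides which threshold and response apply.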