[Owasp-modsecurity-core-rule-set] basic questions of apache exploitation & modsecurity.
d3taveras38d3 at gmail.com
Wed Feb 10 18:56:36 EST 2010
Iam trying to build a very general panorama on the paths a hack can
take place with modsecurity & an apache webserver. So i have some
a.) all possible apache attacks start via a request method, correct ?
(DELETE, GET, HEAD, PUT, POST), correct?
b.) Although modsecurity inspects the REQUEST_URI, the focus is
actually the QUERY_STRING this is what all the rules end up inspecting
right (aside from the body content for data leakage). Right?
c.) If I host an apache webserver with vulerabilities within the
apache code and this one hosts no scripts or data. Is it possible to
exploit those vulerabilities on apache?
d.) How if a buffer overflow exploited on a webserver hosting images
and php scripts?
e.) What is the point of installing modsecurity aside from certain
protection of DoS attacks, or security awareness if I host an apache
webserver with only html pages?
More information about the Owasp-modsecurity-core-rule-set