[Owasp-modsecurity-core-rule-set] please add f-secure radar to scanners-user-agents.data

Eero Volotinen eero.volotinen at iki.fi
Wed Mar 14 22:57:49 UTC 2018


Thanks, I will try to test it on today/tomorrow.

also noticed that useragent can also contain some random id string like '
59e85179-1c46-4f3a-acd1-5c5f6967dc00'
this might be related to scan task id? see grep from my logs:

https://pastebin.com/6wnitcXQ

Eero

On Wed, Mar 14, 2018 at 11:09 PM, Christian Folini <
christian.folini at netnea.com> wrote:

> Hey Eero,
>
> Thank you for the suggestion. I just made this into a pull request.
>
> https://github.com/SpiderLabs/owasp-modsecurity-crs/pull/1039
>
> Please try it out and confirm detection works as intended.
> Ideally on github.
>
> Ahoj,
>
> Christian
>
>
>
> On Tue, Mar 13, 2018 at 02:20:30PM +0200, Eero Volotinen wrote:
> >    Hi,
> >    Please add entry for f-secure radar:
> >    #[1]https://www.f-secure.com/en/web/business_global/radar
> >    User-Agent: Mozilla/4.0 (Mozilla/4.0; MSIE 7.0; Windows NT 5.1; FDM;
> >    SV1; .NET CLR 3.0.04506.30) F-Secure Radar
> >    br,
> >    Eero
> >
> > References
> >
> >    1. https://www.f-secure.com/en/web/business_global/radar
>
> > _______________________________________________
> > Owasp-modsecurity-core-rule-set mailing list
> > Owasp-modsecurity-core-rule-set at lists.owasp.org
> > https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
>
>
> --
> https://www.feistyduck.com/training/modsecurity-training-course
> https://www.feistyduck.com/books/modsecurity-handbook/
> mailto:christian.folini at netnea.com
> twitter: @ChrFolini
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-modsecurity-core-rule-set/attachments/20180315/27b5a446/attachment.html>


More information about the Owasp-modsecurity-core-rule-set mailing list