[Owasp-modsecurity-core-rule-set] WebSocket CRS Rules

Hiranmayi Palanki Hiranmayi.Palanki at aexp.com
Thu May 17 17:44:09 UTC 2018


Hello Christian and Team,

I'm interested in the community's thoughts on having CRS rules or Custom Rules for detecting attacks against WebSocket connections, specifically DoS and Websocket header tampering.

Thanks.


American Express made the following annotations
******************************************************************************
"This message and any attachments are solely for the intended recipient and may contain confidential or privileged information. If you are not the intended recipient, any disclosure, copying, use, or distribution of the information included in this message and any attachments is prohibited. If you have received this communication in error, please notify us by reply e-mail and immediately and permanently delete this message and any attachments. Thank you."

American Express a ajouté le commentaire suivant le Ce courrier et toute pièce jointe qu'il contient sont réservés au seul destinataire indiqué et peuvent renfermer des 
renseignements confidentiels et privilégiés. Si vous n'êtes pas le destinataire prévu, toute divulgation, duplication, utilisation ou distribution du courrier ou de toute pièce jointe est interdite. Si vous avez reçu cette communication par erreur, veuillez nous en aviser par courrier et détruire immédiatement le courrier et les pièces jointes. Merci.

******************************************************************************
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-modsecurity-core-rule-set/attachments/20180517/a580fe4f/attachment.html>


More information about the Owasp-modsecurity-core-rule-set mailing list