ref66 at yahoo.com
Mon Nov 22 13:08:46 EST 2004
Life has settled down finally and I am going to devote some time to
Stinger this weekend. Currently I plan to address the items in
StingerLearnFilter that are mentioned in the email below. Do you have
anything else you would like to throw in?
--- "Roman F." <ref66 at yahoo.com> wrote:
> Date: Thu, 30 Sep 2004 21:51:16 -0700 (PDT)
> From: "Roman F." <ref66 at yahoo.com>
> Subject: [OWASP-stinger] StingerLearnFilter
> I fired up the StingerLearnFilter on my dev box today and it works
> Almost too great, as it creates an awful lot of SVDL files in no time.
> Even the .js and .css files get SVDL.
> There were a couple small bugs in the source but I fixed them and
> committed to CVS.
> With a pretty good sized app it created a lot of SVDL files. For it to
> useful I'm going to figure out a way to configure some default messages
> for most parameters, editing all the SVDL by hand would be incredibly
> consuming. Hardcoding them isn't really an option because I think I've
> unearthed a real usability problem.
> I'm thinking it would be nice to initialize it with a default SVDL file
> that applies to /*, and the created SVDL would only contain Rules for
> request parts that are not listed in the default file. This would cut
> down on the hand-editing considerably.
> I would also like to implement some of the FIXME ideas in the comments,
> such as checking for SVDL that has already been created for a URL and
> enhancing it if there are new parts found.
> In the next few weeks I will try to deploy Stinger and the
> StingerLearnFilter in a production environment and see how it goes.
> keep you informed!
Do you Yahoo!?
The all-new My Yahoo! - Get yours free!
More information about the Owasp-stinger