Do you have a question? Post it now! No Registration Necessary. Now with pictures!
June 23, 2008, 7:24 am
rate this thread
Have anyone tried PHPIDS? Is this really effective against kiddies and
penetration testers? Just read abt it on howtoforge, it would be great
to know your opinion.
I don't consider it as the only security solution for web-services -
but if it really does what it announces it may become another musthave
security tool on web-servers.
Kirill "REDbyte" Novikov.
I'd never heard of it before now, but looking at http://php-ids.org /
raises more concerns than answers questions.
To begin with, IME, bolt-on security products are usually
fundamentally flawed in terms of the concept; really the only way to
add security to an existing system is to build in controls between the
layers of the system (like firewalls, mod_security, suhosin...).
Next, security in IT is a complex thing and needs to be understood
properly to be implemented - there is no documentation of what the
product actually does nor how to use it on the website - the
'documentation' link takes you directly to the output of PHPDocumentor
- and the comments in the code don't help much.
Next, messing about with the demo, it is obviously based on a rather
crude set of blacklist words - rather like a VERY crude virus checker.
As has been written elsewhere, this approach to detecting
innapropriate content will always be playing catchup with new attack
Its not where I'd start when thinking about securing a PHP
- » PSQL / Apache process memory cpu limits (prevent DOS)
- — Next thread in » Linux Security
- » Cloud Ace Technologies is offering Implementation Services on Cloud Computing, Cloud Serv...
- — Newest thread in » Linux Security