mod_security "Got Root" rule updating service
Amos Shapira
amos.shapira at gmail.com
Tue Jul 14 12:42:06 IDT 2009
Hello,
I'm in a marathon to finish our PCI DSS compliance policy and one of
the sections is "11.4: b) Are all intrusion-detection and prevention
engines kept up-to-date?".
I'm not sure we even need it since I expected we just train
mod_security for our applications and prevent any request outside
their scope from being served.
But maybe we should keep updating rules against new attacks which will
help avoid our tweaked rules from letting through an attack which
still matches them?
The only service to provide updated mod_security which I found is from
"Got Root?" at http://www.gotroot.com/tiki-index.php?page=mod_security+rules.
It appears to be a commercial subscription service (which allows free
rule updates download 30 days later).
Does this look like a good thing(TM)? Is there another service people
here are familiar with?
Cheers,
--Amos
More information about the Linux-il
mailing list