Ajax Fingerprinting Filtering Wth Mod Security2


Published on

Published in: Technology, News & Politics
  • Be the first to comment

  • Be the first to like this

Ajax Fingerprinting Filtering Wth Mod Security2

  1. 1. ModSecurity Use Case: Web 2.0 Defense with Ajax Fingerprinting and Filtering Ajax is fast becoming an integral part of new generation Web applications known as Web 2.0 applications. This evolution has led to new attack vectors coming into existence around these new technologies. This article is largely based on Shreeraj Shah’s article of the same name that appeared in the December 2006 edition of Insecure Magazine (http://www.net- security.org/dl/insecure/INSECURE-Mag-9.pdf). Ryan C. Barnett, Director of Application Security Training at Breach Security, has updated numerous sections to reflect the advanced ModSecurity 2.0 rules language. To combat these new threats one needs to look at different strategies as well. In this paper we shall look at different approaches and tools to improve security posture at both, the server as well as browser ends. Listed below are the key learning objectives: • The need for Ajax fingerprinting and con