> -----Original Message-----
> From: Justin Shin [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, July 22, 2003 8:33 PM
> To: [EMAIL PROTECTED]
> Subject: [Full-Disclosure] logically stopping xss
>
>
> I know there's a lot of stupid jokes about XSS vulns right
> now, but I was wondering if there is any firewall or IDS
> software that can look for suspicious GET requests ... ie.
>
> GET /vulnerablewebapp/?<XSS SHZNIT>
>
> I'm sure there's a program out there ... and I'm stupid,
> please don't kill me...

You're referring to application firewalls, and yes they exist. There are
products available specifically designed to protect a web server from all
sorts of attacks. Look at http://www.owasp.org/ for information about that
field in general and what's going on in the open source community WRT it.

Paul Schmehl ([EMAIL PROTECTED])
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/~pauls/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
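
The kind of check asked about in the thread, looking for suspicious GET requests, sketched as an added example that is not part of the original messages and is not taken from any product. The signature list, function names and log lines are assumptions constructed for illustration; query strings are percent-decoded repeatedly before matching so that double-encoded input is normalised first.

```python
import re
from urllib.parse import unquote_plus, urlsplit

# Assumed signature set for illustration; real application firewalls ship far larger rule sets.
XSS_MARKERS = [
    re.compile(r"<\s*script", re.I),
    re.compile(r"javascript\s*:", re.I),
    re.compile(r"\bon\w+\s*=", re.I),  # inline event handlers such as onerror=
    re.compile(r"<\s*(img|iframe|svg|object|embed)\b", re.I),
]
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input (%253C) is normalised."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_query(target):
    """Return the patterns matched by the decoded query string of a request target."""
    query = fully_decode(urlsplit(target).query)
    return [p.pattern for p in XSS_MARKERS if p.search(query)]

def scan(log_lines):
    """Return (line_number, target, matched_patterns) for each flagged GET request."""
    hits = []
    for n, line in enumerate(log_lines, 1):
        m = REQUEST_RE.search(line)
        if m and m.group("method") == "GET":
            matched = suspicious_query(m.group("target"))
            if matched:
                hits.append((n, m.group("target"), matched))
    return hits

# Constructed sample access-log lines (not from the original thread).
SAMPLE_LOG = [
    '192.0.2.10 - - [22/Jul/2003:20:33:01 -0500] "GET /vulnerablewebapp/?q=shoes HTTP/1.0" 200 512',
    '192.0.2.11 - - [22/Jul/2003:20:33:05 -0500] "GET /vulnerablewebapp/?q=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.0" 200 530',
    '192.0.2.12 - - [22/Jul/2003:20:33:09 -0500] "GET /vulnerablewebapp/?q=%253Cimg%2520src%253Dx%2520onerror%253Dalert(1)%253E HTTP/1.0" 200 530',
    '192.0.2.13 - - [22/Jul/2003:20:33:12 -0500] "GET /vulnerablewebapp/?sort=price&conversion=1 HTTP/1.0" 200 498',
]

if __name__ == "__main__":
    for n, target, matched in scan(SAMPLE_LOG):
        print(f"line {n}: {target} -> {matched}")
```

Signature matching of this kind produces false positives (a harmless parameter named online= would match the event-handler pattern) and only sees GET query strings, so it complements output encoding in the application and does not replace it.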