FYI – I just fixed a typo in the optional_rules/modsecurity_crs_16_session_hijacking.conf file. I updated the archives. Please re-download.
Cheers, Ryan From: Ryan Barnett <[email protected]<mailto:[email protected]>> Date: Wed, 29 Dec 2010 13:58:15 -0600 To: "[email protected]<mailto:[email protected]>" <[email protected]<mailto:[email protected]>>, "[email protected]<mailto:[email protected]>" <[email protected]<mailto:[email protected]>> Subject: Seasons Greetings! Announcing Release of OWASP ModSecurity CRS v2.1.0 Greetings everyone, I am pleased to announce the release of the OWASP ModSecurity Core Rule Set (CRS) v2.1.0. This is a significant update as we have added many new capabilities. CHANGE LOG - -------------------------- Version 2.1.0 - 12/29/2010 -------------------------- Improvements: - Added Experimental Lua Converter script to normalize payloads. Based on PHPIDS Converter code and it used with the advanced filters conf file. - Changed the name of PHPIDS converted rules to Advanced Filters - Added Ignore Static Content (Performance enhancement) rule set - Added XML Enabler (Web Services) rule set which will parse XML data - Added Authorized Vulnerability Scanning (AVS) Whitelist rule set - Added Denial of Service (DoS) Protection rule set - Added Slow HTTP DoS (Connection Consumption) Protection rule set - Added Brute Force Attack Protection rule set - Added Session Hijacking Detection rule set - Added Username Tracking rule set - Added Authentication Tracking rule set - Added Anti-Virus Scanning of File Attachments rule set - Added AV Scanning program to /util directory - Added Credit Card Usage Tracking/Leakage Prevention rule set - Added experimental CC Track/PAN Leakage Prevention rule set - Added an experimental_rules directory to hold new BETA rules - Moved the local exceptions conf file back into base_rules dirctory however it has a ".example" extension to prevent overwriting customized versions when upgrading - Separated out HTTP Parameter Pollution and Restricted Character Anomaly Detection rules to the experimental_rules directory - Adding the REQUEST_HEADERS:User-Agent macro data to the initcol in 10 config file, which will help to make collections a bit more unique -------------------------- DOWNLOADING -------------------------- Manual Downloading: You can always download the latest CRS version here - https://sourceforge.net/projects/mod-security/files/modsecurity-crs/0-CURRENT/ Automated Downloading: Use the rules-updater.pl script in the CRS /util directory # Get a list of what the repository contains: $ ./rules-updater.pl -rhttp://www.modsecurity.org/autoupdate/repository/ -l Repository: http://www.modsecurity.org/autoupdate/repository modsecurity-crs { 2.0.0: modsecurity-crs_2.0.0.zip 2.0.1: modsecurity-crs_2.0.1.zip 2.0.2: modsecurity-crs_2.0.2.zip 2.0.3: modsecurity-crs_2.0.3.zip 2.0.4: modsecurity-crs_2.0.4.zip 2.0.5: modsecurity-crs_2.0.5.zip 2.0.6: modsecurity-crs_2.0.6.zip 2.0.7: modsecurity-crs_2.0.7.zip 2.0.8: modsecurity-crs_2.0.8.zip 2.0.9: modsecurity-crs_2.0.9.zip 2.0.9: modsecurity-crs_2.0.10.zip 2.1.0: modsecurity-crs_2.1.0.zip } # Get the latest stable version of "modsecurity-crs": $ ./rules-updater.pl -rhttp://www.modsecurity.org/autoupdate/repository/ -prules -Smodsecurity-crs Fetching: modsecurity-crs/modsecurity-crs_2.1.0.zip ... $ ls -R rules modsecurity-crs rules/modsecurity-crs: modsecurity-crs_2.1.0.zip modsecurity-crs_2.1.0.zip.sig -- Ryan Barnett Senior Security Researcher Trustwave - SpiderLabs ModSecurity Community Manager OWASP ModSecurity CRS Project Leader _______________________________________________ Owasp-modsecurity-core-rule-set mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
