Hello everyone, I am pleased to announce the release of the OWASP ModSecurity Core Rule Set (CRS) v2.1.2. This is a significant update as we have added a couple of very important capabilities.

CHANGE LOG
--------------------------
Version 2.1.2 - 02/17/2011
--------------------------

Improvements:
- Added experimental real-time application profiling ruleset.
- Added experimental Lua script for profiling the # of page scripts, iframes, etc.. which will help to identify successful XSS attacks and planting of malware links.
- Added new CSRF detection rule which will trigger if a subsequent request comes too quickly (need to use the Ignore Static Content rules).

Bug Fixes:
- Added missing " in the skipAfter SecAction in the CC Detection rule set

--------------------------
DOWNLOADING
--------------------------

Manual Downloading:
You can always download the latest CRS version here -
https://sourceforge.net/projects/mod-security/files/modsecurity-crs/0-CURRENT/

Automated Downloading:
Use the rules-updater.pl script in the CRS /util directory

    # Get a list of what the repository contains:
    $ ./rules-updater.pl -rhttp://www.modsecurity.org/autoupdate/repository/ -l

    Repository: http://www.modsecurity.org/autoupdate/repository

    modsecurity-crs {
              2.0.0: modsecurity-crs_2.0.0.zip
              2.0.1: modsecurity-crs_2.0.1.zip
              2.0.2: modsecurity-crs_2.0.2.zip
              2.0.3: modsecurity-crs_2.0.3.zip
              2.0.4: modsecurity-crs_2.0.4.zip
              2.0.5: modsecurity-crs_2.0.5.zip
              2.0.6: modsecurity-crs_2.0.6.zip
              2.0.7: modsecurity-crs_2.0.7.zip
              2.0.8: modsecurity-crs_2.0.8.zip
              2.0.9: modsecurity-crs_2.0.9.zip
              2.0.9: modsecurity-crs_2.0.10.zip
              2.1.0: modsecurity-crs_2.1.0.zip
              2.1.1: modsecurity-crs_2.1.1.zip
              2.1.2: modsecurity-crs_2.1.2.zip
    }

    # Get the latest stable version of "modsecurity-crs":
    $ ./rules-updater.pl -rhttp://www.modsecurity.org/autoupdate/repository/ -prules -Smodsecurity-crs
    Fetching: modsecurity-crs/modsecurity-crs_2.1.2.zip ...

    $ ls -R rules
    modsecurity-crs

    rules/modsecurity-crs:
    modsecurity-crs_2.1.2.zip
    modsecurity-crs_2.1.2.zip.sig

--
Ryan Barnett
Senior Security Researcher
Trustwave - SpiderLabs
