'[mod-security-users] Fingerprint Sharing Alliance for ModSecurity'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       mod-security-users
Subject:    [mod-security-users] Fingerprint Sharing Alliance for ModSecurity
From:       Ryan Barnett <RBarnett () trustwave ! com>
Date:       2011-06-03 15:44:12
Message-ID: CA0E798C.27E81%rbarnett () trustwave ! com
[Download RAW message or body]

I wanted to run an idea past the community to see if there would be enough interest \
in pursing this concept further.  Please refer to this project by Arbor Networks - \
http://www.arbornetworks.com/fingerprint-sharing-alliance.html

This is the key description paragraph -

"Attack resolution requires real-time cooperation and coordination between service \
providers to identify a compromised or infected system as close to the absolute \
Internet ingress as possible. The community of service providers that are \
participating in the Fingerprint Sharing Alliance will be sharing cyber attack \
profiles, or "fingerprints" to stop attacks more quickly and closer to the source. \
This is the first time worldwide telecommunications companies have been able to share \
attack profiles automatically, allowing providers to consistently protect one another \
and their customers from today's distributed threats."

What I am interested in doing it creating an automated method for users to submit \
"fingerprints" of malicious attacks they have seen on their sites so that other \
ModSecurity users can quickly download those rules and use them to protect their \
sites.  I don't want to dive too deep into the technical details of "how" at this \
point.

What I want to know is the following -

 1.  Is this something that you would use?
 2.  Is this something that you would participate in by submitting fingerprints?

Please respond to this email thread if you are interested in this concept.  If we get \
a good response, we will proceed with development and work with the community on \
details.

Thanks,
Ryan

________________________________
This transmission may contain information that is privileged, confidential, and/or \
exempt from disclosure under applicable law. If you are not the intended recipient, \
you are hereby notified that any disclosure, copying, distribution, or use of the \
information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. \
If you received this transmission in error, please immediately contact the sender and \
destroy the material in its entirety, whether in electronic or hard copy format.


------------------------------------------------------------------------------
Simplify data backup and recovery for your virtual environment with vRanger.
Installation's a snap, and flexible recovery options mean your data is safe,
secure and there when you need it. Discover what all the cheering's about.
Get your free trial download today. 
http://p.sf.net/sfu/quest-dev2dev2 
_______________________________________________
mod-security-users mailing list
mod-security-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users
ModSecurity Services from Trustwave's SpiderLabs:
https://www.trustwave.com/spiderLabs.php


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic