PHPIDS » Web Application Security 2.0

Was just thinking - would just be awesome to enable/disable it on demand. Maybe in later versions ;)

Hi Christian, It is totally fine. I don't think it would be a problem if we have two versions of

Maybe someone want to review my Typo3 Extension of PHP IDS? You can get it here: https://typo3.org/

Hi, I pressed "send" to early, will just go on inline. Am Dienstag, den 23.12.2008, 01:24 +

Thank you, Mario. Everthing works now perfect. Greetings, Sascha On 18 Dez., 13:51, "Mario

Awesome stuff - and very interesting bug which was uncovered by this vector. Fixed! On Sun, Sep 21,

It's disabled by default - but you can switch it on for certain fields. You can do this in the

Hi, I definitely agree with Mario. And that was my whole point before, too (which I made clear to

Hi, Just wanted to let you know that the current trunk revision of the PHPIDS supports json scanning.

Hi, yep - you made everything right :) The regex wasn't matching the <![CDATA[&]]> -

PHPIDS 0.5.2 is out... http://php-ids.org/2008/07/24/phpids-052-the-lightspeed-edition/ Cheers, .

Coolish ;) On Mon, Jul 21, 2008 at 11:12 AM, sascha...@googlemail.com <sascha.waitz@googlemail.

Hi, MAC addresses - hmm - we haven't tested on that pattern yet. Thanks for pointing out! I just

The HTML demo is online - no extra link - just the normal demo with a checkbox. Have fun! (but don

Sounds interesting :) On May 1, 8:21 am, Mario Heiderich <Mario.Heider...@googlemail.com> wrote

Hi! One of our forum users found a bug in the database caching recently - this is meanwhile fixed in

http://www.businessinfo.co.uk/labs/phpids/phpids1.html On Feb 29, 3:04 pm, "Mario Heiderich

>> Yeah agreed I'm not saying that the PHPIDS should become a IPS system, >> but the

Hi! Thanks a lot - I like the categorization and I will add more stuff the next days. I think I will

Hi! Nice thoughts - what about using S3 to solve problem 2? 2007/10/26, Lars Strojny <lars@strojny

Nice hint can - I will take a deeper look as soon as I find some time! 2007/10/23, can <christian.

Well, I didn't got the idea about usage for developers, I thought it more for some Website owner

Nice ones! I added some extra spice to make that attack pattern more unlikely to slip through.

Hi guys, After the release of PHPIDS 4.1 (including the centrifuge feature) yesterday, I think it is

Hi! I've been playing around lately with some generic attack detection - first trying levenshtein

Hi David! Nope - assumption 1) is not exactly correct - although the rule has flaws indeed. The plan

Hi teemow! "Currently it is definitely Sisyphus work to maintain the regexes" Currently yes

The spammers seem to read our list too *kidding* ---------- Forwarded message ---------- From:

Hi! Just stumbled upon Airifier - pretty neat tool which allows you to create AIR applications off

DOS is a interesting issue I recommend the following layer:- 1. Detect DOS attacks. 2. Identify