httpsentry 1.0.1
httpsentry - HttpSentry <a href="http://www.httpsentry.com">(http://www.httpsentry.com)</a> is a free IIS
Filter to detect hacker attacks. It prevents common security problems such as SQL injection,
Directroy traversal and many more. it also supports URL rewrite and Server masking.
HttpSentry is also an effort to shift the burden of input validation and other security concerns
off web application developers.
Traditional network firewalls cannot protect web
applications. Port 80 is wide open and according to Gartner group, 75% of cyber attacks and
internet security violations are generated through Internet Applications.
HttpSentry
focuses on easy of use. The installation comes with only one dll and one configuration file. All
the basic rules to fight common problems are already built in and can be easily disabled via the
configuration file if necessary.
Features of HttpSentry are:
1. A set of
built in rules for detecting common invasion techniques such as Directory traversal, SQL injection,
Shellcode attack, URL split, Serverside include attack, OS command execution, Buffer overflow and
Code red attack.
2. Ability to allow/disallow URL which contains certain meta
characters. Most of the meta characters do not form legitimate input for web applications and are
mostly used by hackers.
3. Selective filters allow user to specify header locations,
such as client IP, to filter on.
4. Custom filters allow user to define any form of
regular expression based rules.
5. User can choose from three forms of actions on
each individual rule. It could be deny of access, redirect to some other web page, or/and log the
request to a file.
6.URL rewrite manipulates URL base on regular expressions and
allows user to redirect web pages.
7.Server mask protects web server identity by
changing the "Server" field in the response header.
Write Review:
