[TriLUG-announce] October 14 meeting: ModSecurity
justis.peters at gmail.com
Fri Oct 8 16:18:11 EDT 2010
Title: Introduction to ModSecurity, the Open Source Web Application Firewall
Time & Place: October 14, 2010, 7pm, at Red Hat HQ
Presenter: Cristóbal Palmer
Official meeting announcement: http://trilug.org/ModSecurity-2010-10-14
About this talk:
So your web server listens on port 80 and your firewall blocks most
everything else. Secure, right? How about that port 80? Do you trust
your application code? Is your server patched? Are your developers
really more clever than the folks who want to break in? Is security even
on the mind of your developers?
Our traditional firewalls (packet filters) may have narrowed the field
to HTTP, but crackers and worms have responded by refocusing their
efforts directly at HTTP. Worse yet, most packet filters think all HTTP
requests look legitimate. What's your next line of defense?
This presentation introduces ModSecurity, a web application firewall
(WAF). ModSecurity is open source, mature, stable, flexible, and updated
frequently. It can run embedded in Apache or as a reverse proxy in front
of any traditional web server. It is highly discriminating and it
definitely understands HTTP at a deeper level than your packet filter.
Come learn how to get started with ModSecurity. You'll be glad that you did.
About the presenter:
Cristóbal Palmer, a long-time member of the TriLUG Steering Committee,
just finished his MSIS at UNC Chapel Hill, where he is a Systems
Administrator with ibiblio.org. He also works with Caktus Consulting
Group, a local django development shop.
More information about the TriLUG-announce