Tuesday, June 14, 2011

mod_anti_tamper – Anti Tamper Module for Apache 2.x

What Is Mod AntiTamper (AT)

AntiTamper is an Apache 2.x module that can be used to prevent some kinds of URL and cookie tampering.

Specifically, AT can stop many of the malicious bots that take advantage of search engines. Moreover, attack techniques such as HTTP Response Splitting and session hijacking/fixation are mitigated.

It is important to note that mod_anti_tamper is not an alternative to mod_security, which is more exhaustive and useful for all web situations. AT can be a complement to mod_security.

Introduction
- What is HMAC
HMAC is a validation algorithm that checks the integrity of information combined with a secret password (more here).
AT automatically generates a password and saves it in a ‘safe’ place (owned by root, mode 600).

How AT Works
AT is composed of two primary active components.
1. A filter for URL link integrity checks.
2. A filter for cookie integrity checks.
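The two checks described above can be sketched as follows; this is an added example, not code from mod_anti_tamper, and it does not reproduce the module's actual tag format. The `at_sig` parameter name, the `value|tag` cookie layout, the choice of HMAC-SHA256 and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import stat
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

TAG_PARAM = "at_sig"  # hypothetical parameter name, not the module's own

def load_or_create_key(path):
    """Read the secret from path, creating it with mode 600 on first use."""
    if not os.path.exists(path):
        fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
        with os.fdopen(fd, "wb") as fh:
            fh.write(os.urandom(32))
    if stat.S_IMODE(os.stat(path).st_mode) & 0o077:
        raise PermissionError(path + " is accessible to group or other")
    with open(path, "rb") as fh:
        return fh.read()

def make_tag(key, kind, data):
    # Prefix the purpose so a URL tag cannot be replayed as a cookie tag.
    return hmac.new(key, (kind + "\0" + data).encode(), hashlib.sha256).hexdigest()

def tag_ok(key, kind, data, tag):
    # Constant-time comparison on bytes; a non-ASCII tag simply fails.
    return hmac.compare_digest(make_tag(key, kind, data).encode(), tag.encode())

def split_url(url):
    """Return (canonical URL without tag or fragment, list of tags found)."""
    parts = urlsplit(url)
    query = parse_qsl(parts.query, keep_blank_values=True)
    rest = [(k, v) for k, v in query if k != TAG_PARAM]
    tags = [v for k, v in query if k == TAG_PARAM]
    return urlunsplit(parts._replace(query=urlencode(rest), fragment="")), tags

def sign_url(key, url):
    base, _ = split_url(url)
    sep = "&" if "?" in base else "?"
    return base + sep + urlencode({TAG_PARAM: make_tag(key, "url", base)})

def verify_url(key, url):
    base, tags = split_url(url)
    return len(tags) == 1 and tag_ok(key, "url", base, tags[0])

def sign_cookie(key, name, value):
    return value + "|" + make_tag(key, "cookie", name + "=" + value)

def verify_cookie(key, name, signed):
    value, sep, tag = signed.rpartition("|")
    return value if sep and tag_ok(key, "cookie", name + "=" + value, tag) else None
```

A link or cookie that arrives without a tag, with more than one tag, or with a tag that does not match its content is rejected, so a client cannot edit `id=42` into `id=43` or move a tag from one cookie name to another.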
Download mod_anti_tamper here:
mod_anti_tamper_0.1-alpha.tgz
