[WEB SECURITY] WebScurity ->was-> Application Security Hacking Videos

Ivan Ristic ivan.ristic at gmail.com
Thu Jun 1 16:12:47 EDT 2006

On 6/1/06, Brent Johnson <brent at fsebg.com> wrote:
> I'd like to chime in on this as a user of the WebScurity firewall.
> ...
> Per their recommendations, we had the web server listen on,
> and put the firewall app on the network interface on port 80.  The software
> installed quick, and its doing its job.  It has been installed for a few
> months and we haven't had to touch it.
> ...
> When I originally inquired on the list, I was told that what I was looking
> for wasn't possible (easy to install, easy to configure, set & forget, BWA
> HA HA HA!)...  well, that's what I got, exactly what I wanted...

What you got then was a good professional response. Personally I don't
believe a "set & forget" is a meaningful deployment strategy for a web
application firewall. But I'd be interested to learn more about your
experiences. For example, why do you believe that you are more secure
now than before?

Ivan Ristic, Technical Director
Thinking Stone, http://www.thinkingstone.com
ModSecurity: Open source Web Application Firewall

The Web Security Mailing List

The Web Security Mailing List Archives

More information about the websecurity mailing list