Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



IDS: Remote File include (RFI) vulnerabilities

Remote File include (RFI) vulnerabilities

From: Ravi Chunduru <ravi.is.chunduru_at_gmail.com>
Date: Wed, 16 Jul 2008 12:05:54 -0700

Hi,

I am using IntruPro-IPS to protect both servers and clients. It seems
to be flagging RFI related anomalies for traffic going from internal
clients to servers in Internet. I thought these attacks need to be
detected only if the internal servers are being attacked. That is, I
think that RFI detection is needed for server protection.

is it necessary to check the internal client traffic, that is, is this
needed for client side protection. Any reasons?

thanks
Ravi

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
to learn more.
------------------------------------------------------------------------
Received on Jul 16 2008

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos