Took a while, but I think I finally got something “new” worth sharing.
Again, as with most things I do, this isn’t really anything new; it is a mashup of other people’s ideas.
The purpose of this series is to do a little offensive defense of a web server (mostly focused on Microsoft).
We will start with some background: setting up IIS and logging, using IPsec as a firewall in Windows 2003, using command-line commands to manage the firewall in Windows 2008, and mining logs with Logparser.
With that knowledge we will be able to set up a script to implement a very simple “web application firewall”.
We will conclude the series with a look at URLscan, a better version of the script, and a Linux version of the “web application firewall”.