Wednesday, March 18, 2009

PHPIDS Phase 1.1

I have been reviewing PHPIDS for some time now, and have come to the conclusion that while a novel idea... it is simply overkill and extra rubbish to include in your php code. I also have some ideas surrounding evasion techniques.... Don't get me wrong, I think that in the right place (i.e. a server that you can not load a real IDS/IPS such as mod_security on) it is better than nothing. I will place one caveat on that though, I am not 100% sure what it does to load capacity (or increasing the load of) and existing site. I'll be conducting some extensive load testing on it over the next week or so and posting those results.

JJC

1 comment:

JJC said...

Note, I updated my twitt name to match my IRC name... kthx