What's new

Introduction to Web Application Firewall (WAF) ~ Website Security Guide

ebenzunlimited

Moderator
WAF.jpg
What is WAF? WAF is expanded as Web Application Firewall. WAF is server side application that controls the input and output(filter the HTTP communication).  It controls network traffic on any OSI Layer up to Application Layer.  The main purpose of WAF is to provide better protection over the top Wep Application vulnerability such as XSS(Cross Site Scripting), SQL Injection,RFI.  Daily lot of websites hacked because of these vulnerability.  Read Our Security News Section to know about the Security Risks in Interent.  Standard firewall blocks Non-HTTP attacks(restriction of ports,access..).  This WAF blocks HTTP attack.

The Most common Web Application Vulnerabilities:


    SQL Injection(SQLi)
    Cross-Site Scripting (XSS)
    Broken Authentication and Session Management
    Insecure Direct Object References
    Cross-Site Request Forgery (CSRF)
    Security Misconfiguration
    Insecure Cryptographic Storage
    Failure to Restrict URL Access
    Insufficient Transport Layer Protection
    Unvalidated Redirects and Forwards
WAF+protection.jpg


The Wep Application Firewall(WAF) must meat the following features:


    Protection Against Top Vulnerability(XSS,SQLi,..etc)
    Very Few False Positives (i.e., should NEVER disallow an authorized request)
    Strength of Default (Out of the Box) Defenses
    Power and Ease of Learn Mode
    Types of Vulnerabilities it can prevent.
    Detects disclosure and unauthorized content in outbound reply messages, such as credit-card and Social Security numbers.
    Both Positive and Negative Security model support.
    Simplified and Intuitive User Interface.
    Cluster mode support.
    High Performance (milliseconds latency).
    Complete Alerting, Forensics, Reporting capabilities.
    Web Services\XML support.
    Brute Force protection.
    Ability to Active (block and log), Passive (log only) and bypass the web trafic.
    Ability to keep individual users constrained to exactly what they have seen in the current session
    Ability to be configured to prevent ANY specific problem (i.e., Emergency Patches)
    Form Factor: Software vs. Hardware (Hardware generally preferred)

Top 10 Open Source Web Application Firefwall(WAF):

<a href="http://www.modsecurity.org/">ModSecurity (Trustwave SpiderLabs)</a>
<a href="http://www.aqtronix.com/?PageID=99">AQTRONIX WebKnight</a>
<a href="https://www.owasp.org/index.php/The_ESAPI_Web_Application_Firewall_%28ESAPI_WAF%29">ESAPI WAF</a>
<a href="http://www.webcastellum.org/">WebCastellum</a>
<a href=http://www.binarysec.com/cms/index.html">BinarySec</a>
<a href=http://www.jumperz.net/index.php">[email protected]</a>
<a href="http://openwaf.org/">OpenWAF</a>
<a href="https://www.ironbee.com/">Ironbee</a>
<a href="http://www.zionsecurity.com/solutions/implementation/web-application-firewall.aspx">Profense</a>
<a href="http://www.smoothwall.net/live/index.php">Smoothwall</a>
 
hmm good technical info
 
Last edited by a moderator:
Top