23 January 2008 | 17,830 views

mod_anti_tamper – Anti Tamper Module for Apache 2.x

Check For Vulnerabilities with Acunetix

What Is Mod AntiTamper (AT)

AntiTamper is an Apache 2.x module that could be used to prevent some sort of url and cookie tampering.

Specifically, AT could stop a lot of those malicious bots that take advantage from search engines. Moreover, attack techniques like HTTP Response Splitting and session hijacking/fixation will be mitigated.

Is important to notice that mod_anti_tamper is not an alternative to mod_security, which is more exaustive and useful for all web situations. AT could be a complement to mod_security.

Introduction

– What is HMAC

HMAC is a validation algorithm to check the integrity of informations coupled with a secret password (more here).

AT will automatically generate a password and will save it in a ‘safe’ place (root owner with 600 mode).

How AT Works

AT is composed by two primary active components.

1. A filter for url links integrity check.
2. A filter for cookie integrity check.

Download mod_anti_tamper here:

mod_anti_tamper_0.1-alpha.tgz

Or read more here.



Recent in Countermeasures:
- StegExpose – Steganalysis Tool For Detecting Steganography In Images
- Twitter Patents Technique To Detect Mobile Malware
- Passera – Generate A Unique Strong Password For Every Website

Related Posts:
- gotroot modsecurity Rules for Apache – Anti-spam and Security
- Apache.org Hacked Using Remote SSH Key
- Hackers Penetrate Apache.org In Direct Targeted Attack

Most Read in Countermeasures:
- AJAX: Is your application secure enough? - 119,185 views
- Password Hasher Firefox Extension - 117,047 views
- NDR or Backscatter Spam – How Non Delivery Reports Become a Nuisance - 57,560 views

Low-cost VPS Hosting

3 Responses to “mod_anti_tamper – Anti Tamper Module for Apache 2.x”

  1. goodpeople 26 January 2008 at 12:59 am Permalink

    Sorry that I didn’t comment on this one earlier. I’m kinda busy these days..

    This is a very usefull feature. I will definately introduce this in my own webserver.

  2. Fran 29 January 2008 at 4:59 pm Permalink

    2005!! it’s obsolete!

  3. eM3rC 7 February 2008 at 5:49 am Permalink

    All servers deserve this although Fran brings up a good point of it being kind of dated…