Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 10 replies
  • Subscribers 1 subscriber
  • Views 16324 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Test if WAF is working

tfp
Hello,

Can anyone recommend a 100% reliable test if WAF is actually working (especially the SQL-INJ/XSS features)? 

Firewall profile has form/url/cookie/xss/sql features enabled. I think I have configured the real webserver and virtual webserver correctly, but I don't know how to verify this.

Thank you!
Tim


This thread was automatically locked due to age.
Parents
  • 0
    how do we know if the scanner is working?  I am running these against a zimbra install..i do't see anything in the WAF live log yet the zimbra webserver is getting hammered.  I'm wondering if WAF is working at this time.

    Owner:  Emmanuel Technology Consulting

    http://etc-md.com

    Former Sophos SG(Astaro) advocate/researcher/Silver Partner

    PfSense w/Suricata, ntopng, 

    Other addons to follow

Reply
  • 0
    how do we know if the scanner is working?  I am running these against a zimbra install..i do't see anything in the WAF live log yet the zimbra webserver is getting hammered.  I'm wondering if WAF is working at this time.

    Owner:  Emmanuel Technology Consulting

    http://etc-md.com

    Former Sophos SG(Astaro) advocate/researcher/Silver Partner

    PfSense w/Suricata, ntopng, 

    Other addons to follow

Children
  • 0 in reply to William Warren
    i do't see anything in the WAF live log yet the zimbra webserver is getting hammered.

    Impossible unless you have a DNAT rule. No traffic should reach your webserver and you should have no packet filter rules for such traffic. WAF will handle all the traffic if setup correctly just like all the other proxies without the need for any additional packet filter / DNAT rules.

    WAF is pretty simple to setup and stops the random script kiddies fairly nicely. On a side note, my WAF counter is broken on the dashboard and astaro can't seem to fix it.

    Regards
    Bill

    P.S. Probably should start a new thread on how to configure without hijacking this one [;)]
Unfiltered HTML