- •Product Overview
- •System Specifications
- •Installation
- •Adding a User Name and Password for CodeSeeker
- •Installing ISAPI Filter into IIS 5 for Windows 2000
- •CodeSeeker Management Console Overview
- •Policy Information
- •Customizing Security Policies
- •Reports
- •Analyzing and Customizing CodeSeeker
- •Servers
- •Dot Detector
- •Hidden file detector
- •HT Configuration File Detector
- •Common Command Detectors
- •Cmd.com Script Detector
- •Null Byte Detector
- •Unicode Detector
- •Buffer Overflow Detector
- •Multiple SQL Statements Detector
- •/etc/passwd File Detector
- •/etc/shadow File Detector
- •/etc/hosts File Detector
- •Summary of Regular-Expression Constructs
- •Backslashes, escapes, and quoting
- •Line terminators
- •Unicode support
- •HTTP Status Codes
Butterfly Security CodeSeeker Application Security Solution Help |
|
Product Overview........................................................................................................................................... |
2 |
Installation...................................................................................................................................................... |
3 |
Adding a User Name and Password for CodeSeeker..................................................................................... |
4 |
Installing ISAPI Filter into IIS 5 for Windows 2000..................................................................................... |
4 |
CodeSeeker Management Console Overview................................................................................................ |
8 |
Policy Information ....................................................................................................................................... |
10 |
Customizing Security Policies ..................................................................................................................... |
12 |
Reports ......................................................................................................................................................... |
15 |
Analyzing and Customizing CodeSeeker..................................................................................................... |
18 |
Servers.......................................................................................................................................................... |
19 |
Summary of Regular-Expression Constructs............................................................................................... |
25 |
Backslashes, escapes, and quoting............................................................................................................... |
28 |
HTTP Status Codes...................................................................................................................................... |
31 |
Butterfly Security CodeSeeker Application Security Solution Help
1
Product Overview
Web Application security is a significant issue for companies doing business on the Internet. Protecting your site from Web application attacks, such as defacement and information theft, can be a very costly and time-consuming task. Troubles are compounded when an administrator is in control of a multi-server environment, using a mix of servers – Microsoft IIS©, iPlanet, and/or Apache – on a mix of operating systems – Windows, Linux, and/or Solaris.
Butterfly Security’s CodeSeeker was designed by security experts with a firsthand understanding of the problems facing system managers who must manage web application security in multi-server environments: security, manageability, and visibility.
CodeSeeker is a web applications firewall that actively monitors web traffic, seeking malicious code, and blocking in real-time all malicious requests that can pass through firewalls. Unlike conventional firewalls that can only protect against known security breaches, CodeSeeker’s heuristics look for attack behavior patterns. This means that CodeSeeker can block entire classes of malicious attacks – even if those attacks were previously unknown.
Also, because CodeSeeker resides inside the web server, it captures HTTPs sessions before and after SSL encryption. This means that, unlike any Intrusion Detection System or firewall currently available, CodeSeeker has the ability to stop attacks on both encrypted and unencrypted sessions. And this means that CodeSeeker can also protect third party applications and custom scripts from both known and unknown vulnerabilities.
CodeSeeker is extremely easy to use. Built-in, easy to apply general controls allow you to get the system up quickly, while custom security checks and fine-grained controls provide ultimate flexibility. Two modes are available – passive learn mode and active defend mode.
CodeSeeker is the only system with superior reporting capabilities. Top-level reports give at-a-glance security management, with comprehensive drill-downs to the IP level available for CSV export or onscreen viewing. These reports specify not only that you were attacked, but by what. Hyperlinked technical information helps you assess the importance and significance of policy choices and events. You can receive alerts via customizable email/pager notification with real-time or digest options and standard UNIX syslog, NT Event Log, and text file logs.
System Specifications
Windows NT/2000/XP Using IIS (Internet Information Services CodeSeeker only), Apache, or iPlanet Web Servers.
Solaris 2.7/2.8 using Apache or iPlanet Web Servers. Linux using Apache Servers.
Works with all technologies used in web-based applications - from DHTML to WML to Java.
Butterfly Security CodeSeeker Application Security Solution Help
2