IIS Secure Parameter Filter (SPF)
by Brian Holyfield / Gotham Digital Science
Platforms: Windows 2000, Windows NT, Windows XP
Categories: Access Control, Authentication, Cryptography, Data Encryption, Filtering, Firewall, Hardening, Intrusion Detection, NT, Policy Enforcement, user privileges, Web, Web, Web Access
Version: (Beta)
SPF is an application security module designed for Microsoft IIS web servers. SPF uses cryptography to dynamically secure embedded application parameters at runtime (Query String Values, Form Inputs & Cookies).

SPF does not require any changes to the underlying application code and provides instant protection against parameter tampering, URL manipulation and replay attacks. SPF also includes the capability to define forbidden input patterns (Black-Lists) using regular expressions to block known attack signatures.

Comments Mode:


Privacy Statement
Copyright 2010, SecurityFocus