httpsentry

HttpSentry (http://www.httpsentry.com) is a free IIS Filter to detect hacker attacks. It prevents common security problems such as SQL injection, Directroy traversal and many more. it also supports URL rewrite and Server masking.

HttpSentry is also an effort to shift the burden of input validation and other security concerns off web application developers.

Traditional network firewalls cannot protect web applications. Port 80 is wide open and according to Gartner group, 75% of cyber attacks and internet security violations are generated through Internet Applications.

HttpSentry focuses on easy of use. The installation comes with only one dll and one configuration file. All the basic rules to fight common problems are already built in and can be easily disabled via the configuration file if necessary.

Features of HttpSentry are:

1. A set of built in rules for detecting common invasion techniques such as Directory traversal, SQL injection, Shellcode attack, URL split, Serverside include attack, OS command execution, Buffer overflow and Code red attack.

2. Ability to allow/disallow URL which contains certain meta characters. Most of the meta characters do not form legitimate input for web applications and are mostly used by hackers.

3. Selective filters allow user to specify header locations, such as client IP, to filter on.

4. Custom filters allow user to define any form of regular expression based rules.

5. User can choose from three forms of actions on each individual rule. It could be deny of access, redirect to some other web page, or/and log the request to a file.

6.URL rewrite manipulates URL base on regular expressions and allows user to redirect web pages.

7.Server mask protects web server identity by changing the "Server" field in the response header.