Reu
Reputation: 1287
Request based intrusion detection in Tomcat
I'm wondering if there is a way to push tomcat requests through a custom class easily (e.g without having to heavily modify the codebase) to do things like running a regex to check for XSS and SQL Injection attacks and deny them/sanitize them based on this knowledge.
Thanks
Upvotes: 1
Views: 486
Answers (1)
duffymo
Reputation: 308928
Of course - use a Filter:
http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=java+xss+filter http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=java+servlet+filter
Upvotes: 2
Related Questions
- Tomcat Virtual Host to prevent Improper-Input-Handling attack
- How to detect parameter tampering and slow HTTP on Tomcat server?
- tomcat security constraints
- Need help to understand and implement basic web app security
- Interception of browser's requests (post/get)
- Tomcat and flood protection
- Preventing DoS attacks in tomcat 6
- tomcat and java.security.Security
- Tomcat servlet security
- How to identify non static tomcat requests