Web security

[Phileas]

Does Untangle include some proetction against some attack patterns like Cross Site Scripting and SQL Injection?

If no, i suggest so as well as common attacks to :
- web servers (apache, php, cgi...)
- operating system (windows, linux...)
- mail servers (pop, imap, smtp...)
- database servers (mysql...)
- malware (dos, ddos, flood protection ...)
- and several others like DNS, SNMP
- anti port scan

[Mathiau]

sql injection would be based on bad coding, if you have http forwarded to a server, UT cant check your code to see if it is flawed or not.

If someone is coding and leaves open injection possibilities, then they should go back to studying to learn to code a little safer.

I think trying to write UT to look for that would be almost impossible.....

[Phileas]

Some others UTM have some protection levels against this whatever bad coding or not.

[dwasserman]

Yes, and the name is IPS application in the rack

[Phileas]

So i suggest to have the mentionned categories to better navigate through the rules.
99 pages of rules is not very efficient to conslut

[dmorris]

If you want "web application security" then there's a whole enterprise market with various products for this. They take a lot of tuning and work, but are quite capable.

The other things are your list are totally different so I'm not sure which your asking about.

[Phileas]

Yes, various products, Astaro is one of them.
Yes, some other things are differents, they are even all different between them but they are all useful

[dmorris]

Astaro isn't in that space. They do the same thing we do.

Look at NetScaler, or just google 'web application security'

[Phileas]

lol , apparently not, the thread begining is a copy paste from Astaro ...
and if you look at them for recent news then you will see there's a lot of things Astaro does which Untangle dooes not

[dmorris]

astaro thinks a distributed denial of service attack is "malware" ?

you should start using astaro and stop trolling.