mod_protection2 Version 0.0.2 by Pierpaolo Giacomin aka yaroze (yaroze@twlc.net) Distribution Site: http://www.twlc.net mod_protection is an apache module that integrate basic function of an IDS (intrusion detection system) and of a firewall (just an emulation for now). Your apache administrator have only to install mod_protection and define rules. Obviously you see that a normal NIDS can't check SSL tunneled stuff and that mod_protection can. When a malicious client sends a request that matches on your rules the administrator will be warned and the client gets a user defined page or a error or something that notifies that now he will be persecuted or ... The warning system just write on a socket, so you can put on the other side of the socket an application that send you a mail, an SMS, a message in your favourite IM or a notify in your IRC client, or why not open a message box on your usual box. to install mod_protection act as you normally act to install a dynamic apache module. If this is your first time please read the INSTALL file or the apache documentation (sure the second is better written :) ). To setup the rules and the http.conf read the USAGE file. To know what i will add in the next release(s) plase read the TODO file. To know how to pick up a girl, don't ask me, i'm really no good at that. To know your future please don't blame me :)