• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

Tools

IIS Secure Parameter Filter (SPF)
by Brian Holyfield / Gotham Digital Science
Platforms: Windows 2000, Windows NT, Windows XP
Categories: Access Control, Authentication, Cryptography, Data Encryption, Filtering, Firewall, Hardening, Intrusion Detection, NT, Policy Enforcement, user privileges, Web, Web, Web Access
Version: 1.0.08.0821 (Beta)
URL: http://www.gdssecurity.com/l/t.php
SPF is an application security module designed for Microsoft IIS web servers. SPF uses cryptography to dynamically secure embedded application parameters at runtime (Query String Values, Form Inputs & Cookies). SPF does not require any changes to the underlying application code and provides instant protection against parameter tampering, URL manipulation and replay attacks. SPF also includes the capability to define forbidden input patterns (Black-Lists) using regular expressions to block known attack signatures.

Name:
Subject:
Message:
	Enter the characters that appear above