1/9/2013 by Sergio Magra
we are trying to protect Web Services. We implemented Content Profile protection.
When testing, we generate an attack inside a value of a Web service query, for example:
valor ' or 1=1--
As is supposed, it generates an attack detection.
The problem is that the detection of this attack is done at URL (request) level, and not to a parameter or tag level. I am referring to a xml parameter or tag inside xml content,
If we need to make an exception for this attack, we have to disable the signature globally (for the entire profile).
So, it is possible to do expections at parameter or tag level using Content profiles?
Thanks and best regards
Sorry, the Forum erase the format of the example..
I'm attaching an image of it.
Nathan, thanks for the answer, and sorry for the omission. The version is 11.2.0 HF2.
In the chapter that you sent me, it says how to configure Attack signatures for content profiles. How to attach this content profile to an XML tag or parameter (I am referring to a xml parameter or tag inside xml content)?
I'm asking becasue we need to override some signatures but only for some XML tag or parameters.
That you suggested are web parameters that contains xml contents, instead of an XML parameter or tag inside xml content. I'm looking for overriding signatures in the second thing.
Let me know if I'm wrong (I'm new with ASM and Web Services).
Thanks in advance
Posted By Torti on 01/11/2013 06:10 AM
I think, you don't need the schema files for doing what you want. You can safe the profile without it. You have to test it.
Can you tell me how to configure this?
When you create a xml content profile and you don't have the schema files, you only have to save the profile. Thats it.