NYCPHP Meetup

[jon baer]

Staying a little with the topic ...

Does anyone here implement any security beyond brute-force detection for
their PHP apps?  I used to think using Snort for anomaly detection in web
applications was a great idea but kinda overkill for people to understand
how to use ... (writing a signature *with* your apps error handling)

You mainly use this libraries (CrackLib) for really checking "bad passwords"
but what is a bad password normally translate to how fast a script kiddy can
load up jtr or cain & abel  and bypass what you thought was impossible.

Not alot of developers go off and monitor their traffic as it pertains to
their application (or do they?)  Its usually pretty easy to detect someone
bruteforcing an app from the outside but does anyone do honeypot stuff to
actually check?  Just curious.  I know they are making firewalls a bit
"snort-like" these days but Im *sure* not everyone can afford those
solutions :-)

- Jon