DurianComm is a telecommunication company that provide telecommunication services and serve as the national internet service provider for a country known as Sangpurba. The DurianComm web site was hacked using SQLi and the attacker gained the shell access. The web developer team required time to redesign the web site which will take a couple of months. The IT team decided to install a Web application firewall to protect the website. They have chosen ModSecurity – an open source WAF. They have configured the WAF using default installation with all the rules enabled. The IT team tested the web application firewall detection/prevention capabilities by performing attacks against the web server. The web server was deployed with WAF after several test and published online.
- TIME120 MINUTES
- COST10 CRYSTALS