DragonWAF 2010 3.1.2.5

Here are some key features of "DragonWAF 2010":

SQL Injection Prevention:
· Remote attackers send requests to gain access on IIS web server, causing data leakage or data deletion. DragonWAF can identify the attacks, analyze and filter them.

Buffer Overflow Protection:
· Buffer Overflow is an anomaly that stores data in a buffer outside the memory the programmer set aside for it. The extra data overwrites adjacent memory, which may contain program variables and program flow control data. DragonWAF can control the request length.

HTTP Methods Protection:
· Illegal commands that will cause data loss or tamper on web server, DragonWAF administrators can analyze, classify, filter and protect web servers from any incoming requests.

Shellcode Exploits Prevention:
· A standard English website environment is free of high-bit commands communication that could cause damage to server data, whereas in other language there will be complicated coding or high-bit requests targeting on IIS Web Servers.

Encoding Attack Prevention:
· The variety of “encoding attacks” are sent to IIS Web Server are deceitful, trying to beat default policy. DragonWAF is able to identify such attacks, analyze risk level and filter them.

Keyword Strings Filtering:
· DragonWAF is able to eliminate such commands. This type of command attempts to create a buffer overflow on web servers, causing permission issues to execute intrusion attacks.

Directory Traversal Filtering:
· In a file transfer, the server end will provide required files by user end requests. There are policies to decide if users are permitted to read,write and create directories. DragonWAF can identify “Directory Traversal” attack, starts filtration.

Directory Protection:
· DragonWAF protects default IIS website directory, against any abnormal access requests to exploit sub-directory paths.

Customizable Remote Warning Page:
· Warn remote end-users of their malicious attacks with a warning message with a “Remote Warning Page”

Requirements:

· IIS 7