dotnetids - Google Code

License:	GNU General Public License v2
Labels:	.NET, csharp, ids, xss, security, protection, csrf, vb.net

Show all Featured Downloads:
dotnetids-bin-0_1_3_0.zip

Show all Featured Wiki Pages:
Output_Scanning Usage

Blogs:	Switch/Twitch

Join project

Project owners:
	mhinks
Project members:
	Mario.Heiderich

Welcome to the code base of the .NETIDS (.NET Intrusion detection System). This tool is capable of detecting on attacks on web applications and gives the developer the possibility to react. The project files include filter rules and function stubs to react on possible intrusions which may vary from logging to warning or redirecting the user.

The goal of this project is to provide am additional layer of protection to >any< .NET application this project is used with. This also includes the detection of XSS, directoy traversal, SQL injections, protection against overwriting JS objects and methods, advanced logging functions, categorization and tagging of the single filter rules and interfaces for reacting on possible intrusions.

.NET IDS v.0.1.3.0 is now available for download!

Binary: http://dotnetids.googlecode.com/files/dotnetids-bin-0_1_3_0.zip
Documentation: http://www.the-mice.co.uk/dotnetids/docs/
Forum: http://forum.php-ids.org/?CategoryID=9

Featured in this release:

-Version set correctly on assembly (thanks to Albert)
-Moved scanning by SecurePage into Page_Init (thanks to Albert)
-Added new properties to SecurePage that include PostExclusions, GetExclusions, HeaderExclusions and CookieExclusions so that you can choose to exclude say "host" only from headers you can use HeaderExclusions. Of course you can still exclude from all scanners by using Exclusions.
-The event handler is no longer an abstract field meaning that you must change your declaration of public override void IDSEventHandler(Report report, SecurePage SecurePage) so that it does NOT override the base method (as this no longer exists). Instead you must declare public void IDSEventHandler(Report report, SecurePage SecurePage) and then wire this up to the event handler of the SecurePage object in Page_Init: OnIDSEvent += IDSEventHandler; This change is handy because it means that you can easily centralize IDS detection by specifying the same method for each handler rather than having hard to maintain, code duplicating methods in each page.
-ViewStateUserKey is no longer set by SecurePage. The same goes for caching values.
-Changed style of error output to conform to throw rather than re-writing page.
-Updated filter rules.

.NET IDS is a port of phpids (http://www.phpids.org) to the .NET Framework. The library is fully CLS compliant and implements exactly the same filtering sets as the PHP version.

2007-08-02: Release of version 0.1.3.0
2007-07-19: Release of version 0.1.2.0
2007-06-19: Release of version 0.1.0.0
2007-06-15: .NETIDS can now perform detection on page output! More soon!
2007-06-13: .NETIDS now detects Null Bytes passed by methods other than forms through the added internal Null Byte Filter object.
2007-06-09: .NETIDS SmokeTest is now online - check it out at http://www.the-mice.co.uk/SmokeTest/SmokeTest.aspx
2007-06-08: .NETIDS can now parse Request.Cookies in addition to Request.Querystring and Request.Form. A release date draws nearer - a smoketest is also in the works.