Firewall Wizards mailing list archives
Re: Application-level Attacks
From: "Dean A Weber" <Dean_Weber () alltel net>
Date: Fri, 28 Jan 2005 15:21:07 -0500
Crispin, I would suggest:www.dshield.org where you can see port attacked and number of attacks, as well as drill into attacks by country (445 remains the top attacked port) http://isc.sans.org/trends.php where you can see daily trends on types of attacks (although it includes port scanning in the numbers) www.securitynewswire.com which is the largest compilation of network security news in a search-able format I have found www.packetstormsecurity.com which is the second largest, with the added attraction of having lots of attack related statistics available
While none of them are going to give you a definitive report on application vs. network; you can extrapolate the data yourself to see that application layer attacks are far outnumbering network layer attacks (of course, depending on your definition of app vs. network).
as always, YMMV Dean----- Original Message ----- From: "Crispin Cowan" <crispin () immunix com>
To: "Danny" <nocmonkey () gmail com> Cc: <firewall-wizards () honor icsalabs com> Sent: Friday, January 28, 2005 11:35 AM Subject: Re: [fw-wiz] Application-level Attacks
Danny wrote:On Thu, 27 Jan 2005 18:56:58 -0800, Crispin Cowan <crispin () immunix com> wrote:Attacks within the last few years. "contemporary" is not the deep part of the question :)Shimon Silberschlag wrote:Today, when attacks are shifting towards using the already open ports on the firewall, at the application level,It is often said that contemporary attacks are migrating toapplication-level attacks. Can someone point me to data backing this claim?How do you define contemporary attacks? All attacks except for those at the application-level?Note that I actually do believe that most attacks are now at the application level. But I am looking for *evidence*, or at least a claim I didn't just make up :) to back up this opinion.Crispin -- Crispin Cowan, Ph.D. http://immunix.com/~crispin/ CTO, Immunix http://immunix.com _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs comhttp://honor.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Application-level Attacks, (continued)
- Re: Application-level Attacks Marcus J. Ranum (Jan 29)
- Re: Application-level Attacks Adam Shostack (Jan 30)
- Re: Application-level Attacks Frederick M Avolio (Jan 30)
- Re: Application-level Attacks Adam Shostack (Jan 30)
- RE: Application-level Attacks Bill Royds (Jan 30)
- Re: Application-level Attacks Danny (Jan 28)
- Re: Application-level Attacks Crispin Cowan (Jan 28)
- Re: Application-level Attacks Paul D. Robertson (Jan 28)
- Re: Application-level Attacks Marcus J. Ranum (Jan 29)
- Re: Application-level Attacks Paul D. Robertson (Jan 29)
- Re: Application-level Attacks Dean A Weber (Jan 28)
- Re: Application-level Attacks Dave Piscitello (Jan 28)
- Re: Application-level Attacks R. DuFresne (Jan 28)
- Message not available
- Re: Application-level Attacks Marcus J. Ranum (Jan 29)
- RE: Application-level Attacks Ben Nagy (Jan 28)