Firewall Wizards mailing list archives
Re: Application-level Attacks
From: "Dave Piscitello" <dave () corecom com>
Date: Fri, 28 Jan 2005 15:56:04 -0500
If I were to have to corroborate this claim today, I would compare the number of denied attempts in my firewall logs against the number of blocked HTTP requests in my web server logs for the past six months 2005 against those for the first six months of 2004, or even the end of 2003. In my case, I see far fewer network level attack attempts and probes today than I see malformed URLs and probes for IIS-specific exploits. And many of the probes I see today are for RAT and Radmin ports. On 28 Jan 2005 at 8:35, Crispin Cowan wrote:
Note that I actually do believe that most attacks are now at the application level. But I am looking for *evidence*, or at least a claim I didn't just make up :) to back up this opinion.
_______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Application-level Attacks, (continued)
- Re: Application-level Attacks Adam Shostack (Jan 30)
- Re: Application-level Attacks Frederick M Avolio (Jan 30)
- Re: Application-level Attacks Adam Shostack (Jan 30)
- RE: Application-level Attacks Bill Royds (Jan 30)
- Re: Application-level Attacks Danny (Jan 28)
- Re: Application-level Attacks Crispin Cowan (Jan 28)
- Re: Application-level Attacks Paul D. Robertson (Jan 28)
- Re: Application-level Attacks Marcus J. Ranum (Jan 29)
- Re: Application-level Attacks Paul D. Robertson (Jan 29)
- Re: Application-level Attacks Dean A Weber (Jan 28)
- Re: Application-level Attacks Dave Piscitello (Jan 28)
- Re: Application-level Attacks R. DuFresne (Jan 28)
- Message not available
- Re: Application-level Attacks Marcus J. Ranum (Jan 29)
- RE: Application-level Attacks Ben Nagy (Jan 28)