Information Security News mailing list archives
New Honeypot Mimics The Web Vulnerabilities Attackers Want To Exploit
From: InfoSec News <alerts () infosecnews org>
Date: Wed, 4 Nov 2009 00:11:06 -0600 (CST)
http://www.darkreading.com/database_security/security/app-security/showArticle.jhtml?articleID=221300001 By Kelly Jackson Higgins DarkReading Oct 29, 2009 A next-generation Web server honeypot project is under way that poses as Web servers with thousands of vulnerabilities in order to gather firsthand data from real attacks targeting Websites. Unlike other Web honeypots, the new open-source Glastopf tool dynamically emulates vulnerabilities attackers are looking for, so it's more realistic and can gather more detailed attack information, according to its developers. "Many attackers are checking the vulnerability of the application before they inject malicious code. My project is the first Web application honeypot with a working vulnerability emulator able to respond properly to attacker requests," says Lukas Rist, who created Glastopf. Rist, a student, built Glastopf through the Google Summer of Code (Gsoc) 2009 program, where student developers write code for open-source projects. His Web honeypot was one of the Honeynet Project's Gsoc projects. Unlike other Web honeypots that use templates posing as real Web apps, Glastopf basically adapts to the attack and can automatically detect and allow an unknown attack. Glastopf uses a combination of known signatures of vulnerabilities and also records the keywords an attacker uses when visiting the honeypot to ensure it gets indexed in search engines, which attackers often use to find new targets. The project uses a central database to gather the Web attack data from the Glastopf honeypot sensors installed by participants who want to share their data with the database. [...] ________________________________________ Did a friend send you this? From now on, be the first to find out! Subscribe to InfoSec News http://www.infosecnews.org
Current thread:
- New Honeypot Mimics The Web Vulnerabilities Attackers Want To Exploit InfoSec News (Nov 03)