WebApp Sec mailing list archives
Re: Web Attack Data - Apache
From: richardw <richardw () area52 allserve net>
Date: Sat, 16 Oct 2004 22:55:29 -0500
I was thinking the along the same lines. If you had an in-house cgi or other type of web application that you wrote, and you knew it was vulnerable, would you fix the code or write an IDS rule to see if anyone is exploiting it? It's obvious to me that you would fix the vulnerability.
In addition, IDSs and sniffers only log attempts of known vulnerabilities - they have no way of knowing if the attack is successful.
Ryan, what are you trying to do with this data, if it existed? Write IDS rules? Research for a project? If you could expand a little bit, maybe we could be more helpful?
Ido Rosen wrote:
A successful attack leaves no trace. On Oct 14, 2004, at 2:24 PM, Ryan Barnett wrote:I am seeking detailed log data of successful web attacks, preferably against Apache. Web logs, sniffer logs, IDS logs would all be great.If you have some data and wouldn't mind sharing, it would be most appreciated.Please contact me at my hushmail account. Thanks for your time, Ryan
-- ------------------------------------------------------------------------ ____/\___ | | "If you can't beat ___/__\__) | richardw | them, then they're (__/ \__ | mailto:richardw!area52.allserve.net | not tied down good / \ | | enough..." ------------------------------------------------------------------------
Current thread:
- Web Attack Data - Apache Ryan Barnett (Oct 15)
- Re: Web Attack Data - Apache Ido Rosen (Oct 16)
- Re: Web Attack Data - Apache richardw (Oct 17)
- Re: Web Attack Data - Apache windo (Oct 18)
- Re: Web Attack Data - Apache richardw (Oct 17)
- Re: Web Attack Data - Apache Ido Rosen (Oct 16)