WebApp Sec mailing list archives
Re: Web Attack Data - Apache
From: windo () windowlicker dyn ee
Date: Mon, 18 Oct 2004 17:40:16 +0300
Hi.
I was thinking the along the same lines. If you had an in-house cgi or other type of web application that you wrote, and you knew it was vulnerable, would you fix the code or write an IDS rule to see if anyone is exploiting it? It's obvious to me that you would fix the vulnerability. In addition, IDSs and sniffers only log attempts of known vulnerabilities - they have no way of knowing if the attack is successful.
Running honeypots can give that sort of data. I've been wanting to do it for some time but haven't really gotten around to, but there are a lot of people who have, and be willing to share that data, for educational purposes. at least i presume so. check out http://www.honeynet.org/ for starters. Siim Põder
Current thread:
- Web Attack Data - Apache Ryan Barnett (Oct 15)
- Re: Web Attack Data - Apache Ido Rosen (Oct 16)
- Re: Web Attack Data - Apache richardw (Oct 17)
- Re: Web Attack Data - Apache windo (Oct 18)
- Re: Web Attack Data - Apache richardw (Oct 17)
- Re: Web Attack Data - Apache Ido Rosen (Oct 16)