Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Web-App-Sec
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Web Attack Data - Apache

from [richardw] Network Security [Permanent Link]
Subject: Re: Web Attack Data - Apache
Date: Sat, 16 Oct 2004 22:55:29 -0500
I was thinking the along the same lines. If you had an in-house cgi or other type of web application that you wrote, and you knew it was vulnerable, would you fix the code or write an IDS rule to see if anyone is exploiting it? It's obvious to me that you would fix the vulnerability.

In addition, IDSs and sniffers only log attempts of known vulnerabilities - they have no way of knowing if the attack is successful.

Ryan, what are you trying to do with this data, if it existed? Write IDS rules? Research for a project? If you could expand a little bit, maybe we could be more helpful?

Ido Rosen wrote: 
A successful attack leaves no trace.

On Oct 14, 2004, at 2:24 PM, Ryan Barnett wrote:



I am seeking detailed log data of successful web attacks, preferably against Apache. Web logs, sniffer logs, IDS logs would all be great.

If you have some data and wouldn't mind sharing, it would be most appreciated.

Please contact me at my hushmail account.

Thanks for your time,
Ryan






--
------------------------------------------------------------------------
  ____/\___  |                                     | "If you can't beat
  ___/__\__) |              richardw               | them, then they're
 (__/    \__ | mailto:richardw!area52.allserve.net | not tied down good
   /      \  |                                     | enough..."
------------------------------------------------------------------------

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Apache log file monitor, James Barkley
Next by Date:  Re: Potential XSS errors when using information from HTTP requests, Amit Klein (AKsecurity)
Previous by Thread:  Re: Web Attack Data - Apache, Ido Rosen
Next by Thread:  Re: Web Attack Data - Apache, windo
Indexes:  [Date] [Thread] [Top] [All Lists]