| Subject: | WASC Announcement: Distributed Open Proxy Honeypot Project Data Released |
|---|---|
| Date: | Mon, 7 May 2007 18:49:35 -0400 (EDT) |

The Web Application Security Consortium (WASC) is pleased to announce the initial release of data collected by the Distributed Open Proxy Honeypot Project. This first release of information is for data gathered from January - April, 2007. During this timeframe, we had 7 internationally placed honeypot sensors deployed and sending their data back to our central logging host.

What did we see? Here are some brief highlights -

- SQL Injection Attacks
- Brute Force Attacks
- OS Command Injection
- Web Defacement Attempts
- Google-Abuses (Google-Hacking and Proxying for BannerAd/Click Fraud)
- Information Leakage

We have created a PDF document here - http://www.webappsec.org/projects/honeypots/Threat_Report_05072007.pdf . The attacks are mapped to the WASC Threat Classification categories. There are some high-level statistics shown, however they are very crude as this was not the focus of this phase of the project.

We understand that the data presented is a bit raw, however we wanted to release this information so that the public may have a chance to review it and provide feedback. Our initial goal was to identify the types of current attacks that are using open proxy servers. In our future deployments, we will attempt to refine the data analysis processes to extract out trend data and high level concepts.

In the near future, we will be updating both the VMware honeypot sensors themselves and will also use a newer version of the centralized logging host (ModSecurity Console). We are also planning to release more frequent information in the form of diary entries on the project webpage as new attacks/trends are identified.

While the initial deployment was a success, we still need participants who are willing to participate by deploying our VMware honeypot sensor on their network. If you are interested in participating, please send an email to Ryan Barnett at - RCBarnett_@_gmail.com.

URL: http://www.webappsec.org/projects/honeypots/

Regards,

--
Ryan C. Barnett
Web Application Security Consortium (WASC) Member
Distributed Open Proxy Honeypot Project Lead