Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Security

Fingerprinting Port80 Attacks Part 2 Relased 18

Posted by timothy from the strange-knockings-in-the-night dept.
jimmi writes: "A couple of months ago cgisecurity.com released a paper called 'Fingerprinting Port80 Attacks.' Today they released Part 2, which is even bigger then the first. Part two can be found here. This paper deals with web application attacks and how to detect them, along with figuring out what the data means."
This discussion has been archived. No new comments can be posted.

Fingerprinting Port80 Attacks Part 2 Relased More

Fingerprinting Port80 Attacks Part 2 Relased

Comments Filter:
  • Have these ideas been rolled into possible attack signatures in Snort, etc?? The last time I looked at the Snort sigs, they were very attack specific sigs and not generic "please avoid every request taht has an *"

  • HTML version of the article (Score:3, Informative)

    by selan ( 234261 ) on Wednesday March 06, 2002 @02:46PM (#3119947) Journal
    ...is here [cgisecurity.net].

  • Interesting... (Score:2, Informative)

    by Anonymous Coward
    Fingerprinting is a fertile area of research. For example, I wrote a program that sits between port 25 and an SMTP server; it uses nmap-like fingerprinting techniques to detect known spam distribution programs. Since I implemented this, the total amount of spam on my network decreased by 150% and we expect a lower total cost of ownership to result as well. I think fingerprinting is the future for security; imagine only letting certified programs from accessing your network, thus stopping 'cracking' and 'sniffing' tools dead in their tracks. This is exactly what open source is all about, and commercial software can't give you: innovation.

Slashdot Top Deals

He has not acquired a fortune; the fortune has acquired him. -- Bion

Close