Full Disclosure mailing list archives

Re: Web Honeynet Project: announcement,


From: Gadi Evron <ge () linuxbox org>
Date: Fri, 12 Jan 2007 11:06:54 -0600 (CST)

On Fri, 12 Jan 2007 bugtraq () cgisecurity net wrote:
The Web Application Security Consortium is also doing such a project at
http://www.webappsec.org/projects/honeypots/ . May be worthwhile to share data perhaps?

My thoughts exactly!

Although... it is high time we started getting out of the mindset that web
security equals code security (application security); it doesn't.

Most of these application security issues are important, if not
very much so, but no matter how non-trivial they are, they are
completely solvable.

It's time to get rid of useless application firewalls, etc. and face the
music that there is currently a world of attacks we don't escalate
against and mostly do not know how to defend against on a large
scale. Take a look at zone-h if you need a reality check.

Most of the attacks described in my email are happening from the same IP
addresses; this is open relay days all over again, and it's time to wake
up and start the spam war.

Mitigate the threats by taking down bad sites, filtering out bad URLs, filtering
out attacking IP addresses, detecting Linux and webserver malware,
etc.
Naturally, also remember the coding issues that caused it, and how we can
fix them. We should also not forget PHP and its contribution to this
mess.

        Gadi.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
