Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

firewall-wizards logo Firewall Wizards mailing list archives

Re: Application-level Attacks
From: "Dave Piscitello" <dave () corecom com>
Date: Fri, 28 Jan 2005 15:56:04 -0500
If I were to have to corroborate this claim today, I would compare 
the number of denied attempts in my firewall logs against the number 
of blocked HTTP requests in my web server logs for the past six 
months 2005 against those for the first six months of 2004, or even 
the end of 2003. 

In my case, I see far fewer network level attack attempts and probes 
today than I see malformed URLs and probes for IIS-specific exploits. 
And many of the probes I see today are for RAT and Radmin ports. 

On 28 Jan 2005 at 8:35, Crispin Cowan wrote:


Note that I actually do believe that most attacks are now at the
application level. But I am looking for *evidence*, or at least a
claim I didn't just make up :) to back up this opinion.




_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]