I was thinking the along the same lines. If you had an in-house cgi or
other type of web application that you wrote, and you knew it was
vulnerable, would you fix the code or write an IDS rule to see if anyone
is exploiting it? It's obvious to me that you would fix the vulnerability.
In addition, IDSs and sniffers only log attempts of known
vulnerabilities - they have no way of knowing if the attack is successful.
Ryan, what are you trying to do with this data, if it existed? Write IDS
rules? Research for a project? If you could expand a little bit, maybe
we could be more helpful?
Ido Rosen wrote:
> A successful attack leaves no trace.
>
> On Oct 14, 2004, at 2:24 PM, Ryan Barnett wrote:
>
>>
>>
>> I am seeking detailed log data of successful web attacks, preferably
>> against Apache. Web logs, sniffer logs, IDS logs would all be great.
>>
>> If you have some data and wouldn't mind sharing, it would be most
>> appreciated.
>>
>> Please contact me at my hushmail account.
>>
>> Thanks for your time,
>> Ryan
>>
>
>
>
--
------------------------------------------------------------------------
____/\___ | | "If you can't beat
___/__\__) | richardw | them, then they're
(__/ \__ | mailto:richardw!area52.allserve.net | not tied down good
/ \ | | enough..."
------------------------------------------------------------------------
Received on Oct 17 2004
Intro
