Re: [Full-disclosure] Web Honeynet Project: announcement,
On Fri, 12 Jan 2007 bugtraq@xxxxxxxxxxxxxxx wrote:
> The Web Application Security Consortium is also doing such a project at
> http://www.webappsec.org/projects/honeypots/ . May be worthwhile to share
> data perhaps?
My thoughts exactly!
Although.. it is high time we started getting out of the mindset that web
security equals code security (application security), it doesn't.
Most of these application security issues are important, if not
veru much so, but no matter how not trivial it is, they are
completely solvable.
It's time to get rid of useless application firewalls, etc. and face the
music that there is currently a world of attacks we don't escalate
against and mostly do not know how to defend against on a large
scale. Take a look at zone-h if you need a reality check.
Most of the attacks described in my email are happening from the same IP
addresses, this is open relay days all over again, and it's time to wake
up and start the spam war.
Mitigate the threats by taking down bad sites, filter out bad URLs, filtr
out attacking IP addresses, detect Linux and webserver malware,
etc.
Naturally, also remember the coding issues that caused it, and how we can
fix them. We should also not forget PHP and its contribution to this
mess.
Gadi.