Slashdot Mirror

← Back to Stories (view on slashdot.org)

Fingerprinting Port 80 Attacks

Posted by CmdrTaco on from the keeping-it-real dept.

pg writes "I found an interesting article on www.cgisecurity.com that explains common fingerprints in web server, and web application attacks. It goes to describe how to detect most known, and unknown attacks. This may come in handy when trying to detect another internet worm."

1 of 147 comments (clear)

  1. Garbage requests by spankfish · · Score: 3, Redundant
    What I personally like to do is create a good set of rules for detecting this kind of garbage requests and storing them in log files which are separate to my normal access_log and error_log... that way I don't have to wade through acres of crap while looking at my real visitors.

    Yes, I know I could grep 'em out while viewing, but I think garbage should be kept in a separate place to the real visitors' log entries.

    --

    NO TOUCH MONKEY!