Slashdot Mirror

← Back to Stories (view on slashdot.org)

Fingerprinting Port80 Attacks Part 2 Relased

Posted by timothy on from the strange-knockings-in-the-night dept.

jimmi writes: "A couple of months ago cgisecurity.com released a paper called 'Fingerprinting Port80 Attacks.' Today they released Part 2, which is even bigger then the first. Part two can be found here. This paper deals with web application attacks and how to detect them, along with figuring out what the data means."

2 of 18 comments (clear)

  1. HTML version of the article by selan · · Score: 3, Informative

    ...is here.

  2. Interesting... by Anonymous Coward · · Score: 2, Informative

    Fingerprinting is a fertile area of research. For example, I wrote a program that sits between port 25 and an SMTP server; it uses nmap-like fingerprinting techniques to detect known spam distribution programs. Since I implemented this, the total amount of spam on my network decreased by 150% and we expect a lower total cost of ownership to result as well. I think fingerprinting is the future for security; imagine only letting certified programs from accessing your network, thus stopping 'cracking' and 'sniffing' tools dead in their tracks. This is exactly what open source is all about, and commercial software can't give you: innovation.