Breach Security, Inc., the web application security, will be presenting 'Latest Hacks and Attacks' from the Web Application Security Consortium's Distributed Open Proxy Honeypot Project at next week's Open Web Application Security Project & WASC AppSec 2007 Conference, in San Jose, CA. The Distributed Open Proxy Honeypot Project initially began in January 2007 and is led by WASC officer Ryan C. Barnett, director of Application Security Training for Breach Security, Inc.
By deploying multiple open proxy server honeypots, WASC is able to take a granular look at the types of malicious traffic that are utilizing these systems. The open proxy honeypots are specially configured vmware hosts used as a medium for gathering attack data. Much of the traffic passing through the open proxies is from hackers or spammers looking to cover their tracks. When the project initially began in January, analysts collected data from seven open proxy servers in countries around the world including Germany, Greece, Russia and the United States.
The MMA provides security analysts with a single interface for monitoring the security of their web applications.The global net of honeypots run Breach Security's open source ModSecurity core rules to identify and block attacks and provide research data. The Honeypot Project is also using Breach Security's commercial ModSecurity Management Appliance, a network-based tool designed to collect logs and alerts from remote ModSecurity sensors in real-time.
Utilizing globally located open proxy servers and sensors, the Honeypot Project captures live attack data to provide specific examples of targeted web application attacks. Barnett will discuss the new findings on Wednesday, November 14th during the first day of the AppSec conference. The project has broadened over the past year, with the number of participating sensors doubling in number to 14. New open proxy servers are now located in Romania, Argentina, and Belgium. The ModSecurity open source web application firewall is the most widely deployed with 10,000 users worldwide. This highly flexible web application firewall can be used for a wide range of functions including web application monitoring, web intrusion detection and prevention, as well as "just in time" virtual patching of known vulnerabilities.
While the Distributed Open Proxy Honeypot Project started in January 2007, the data presented below was collected solely in October 2007 - all data is compared to the four month cycle of the phase one of the project, which was collected from January 15th through April 30th 2007.
"This research project differs from conventional web attack statistics as we have wide visibility of attack traffic, whereas most organizations only see data destined for their specific sites," said Barnett. "We present this project to the security and business community to build awareness by offering fresh insight into the multiple forms of web application attacks that are occurring."
Consumers using external hard drives often assume the valuable data on their PC is protected, but an external hard drive can leave them vulnerable to catastrophic data loss. Carbonite’s online backup service allows users to store an unlimited amount of data for $49.95 per year. The service works automatically to provide continuous backup whenever the user’s computer is connected to the Internet.
.gif&max=85)
