Copyright © 2004 - The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation.


1 Copyright © 2004 - The OWASP Foundation. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License.
The OWASP Foundation, http://www.owasp.org
Web server attacks in Belgium – statistics from year 2005
Hillar Leoste, Apr, 2006, allabert@gmail.com

2 Agenda
• About Zone-H and defacements
• Statistics

3 What is Zone-h.org
• News, advisories and opinions, provided from recognized IT security news sites, trusted product vendors and pro-active members of the zone-h international community
• Statistics of most recent digital attacks, surveys and detailed analyses, presented in our regular reports
• Worth-to-read articles, describing new developments in the IT security world
• Interviews with leading IT Security industry experts, accompanied by an opportunity to discuss different topics in specialized forums and IRC chatrooms
• Ongoing evaluations of current digital threats and short-time prognosis
• Case and motivation studies of digital incidents
• Daily newsletters
• Free Security services: daily “early warning” bulletin + InfoSec pager

4 What is Zone-h.org
Disclaimer: Zone-h neither condones, promotes, nor participates in attacks that are recorded within our database. It is however in a unique position that such attacks are freely reported to our organization.
Zone-h catalogues several useful pieces of information for each intrusion, including the timestamp of the attack, software version of the webserver, the operating system, motivation of the attacker, and reported technical details of the intrusion methodology.

5 Defacement
Defacement is an attack against a web page in which the main page (usually) is replaced with the attacker's page.
Reasons:
• Political (hacktivism) – Mohammed cartoons, G8, war in Iran, conflict between Israel and Palestine, etc.
• Best defacer
• Fun
• Challenge

6 Defacement

7 Defacement

8 Statistics 2005 for .be
Total defacements: 2889
Jan   401
Feb   320
Mar   160
Apr   297
May   354
Jun   189
Jul   274
Aug   268
Sep    85
Oct   137
Nov   205
Dec   199

9 Statistics 2005 for .be

10 Statistics 2005 for .be
By OS:
Linux      1824   63%
Windows     919   32%
BSD          53    1%
Mac          46    1%
Solaris      20    1%
Tru64        17    1%
Unknown      10    1%
By webserver:
Apache         1918   66%
IIS             913   31%
Roxen            38    1%
Unknown          17    0.5%
Lotus-Domino      1    0.5%
WebSTAR           1    0.5%
Zeus              1    0.5%

11 Statistics 2005 for .be
By attack type:
File inclusion            1090
Passwords                  327
Other web app bug          303
SQL Injection              276
Not available              225
FTP server intrusion       127
Web server intrusion       122
MITM                        86
Other server intrusion      57
Web server ext. module      57
Radmin panel attacks        52
DNS attacks                 52
URL poisoning               19
Known vuln.                 19
SSH server intrusion        16
Mail server intrusion       15
Telnet server intrusion     14
Shares                       8
Firewall attacks             8
0day                         6
RPC server intrusion         5
Brute force                  3
Misconfig                    2

12 Statistics 2005 for .be
By apps:
forum                         222
guestbook/gastenboek/gastje    95
foto/photo                     13
blog                           12
bb2                            10
nuke                            3
gallery                         3

13 Statistics 2005 for .be
?

