Web server attacks in Belgium - statistics from year 2005

Web server attacks in Belgium - statistics from year 2005

2006 Internet Attack Statistics for Belgium Hillar Leoste Zone-H.org OWASP BeLux Chapter Copyright 2007 - The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the Creative Commons Attribution-ShareAlike 2.5 License. To view this license, visit http://creativecommons.org/licenses/by-sa/2.5/ The OWASP http://www.owasp.org Foundation Agenda About Zone-H and defacements Statistics 2 OWASP 2 What is Zone-h.org News, advisories and opinions, provided from recognized IT security news sites, trusted product vendors and pro-active members of zone-h international community Statistics of most recent digital attacks, surveys and detailed analyses,

presented in our regular reports Worth-to-read articles, describing new developments in the IT security world Interviews with leading IT Security industry experts, accompanied by an opportunity to discuss different topics in specialized forums and IRC chatrooms Ongoing evaluations of current digital threats and short-time prognosis Case and motivation studies of digital incidents. Daily newsletters Free Security services: daily early warning bulletin + InfoSec pager OWASP 3 What is Zone-h.org Disclaimer: Zone-h neither: condones, promotes, and/or participates in attacks that are recorded within our database. It is however in a unique position that such attacks are freely reported to our organization. Zone-h catalogues several useful pieces of information for each intrusion including the timestamp of the attack, software version of the webserver, the operating system, motivation of the attacker, and reported technical details of the intrusion methodology. OWASP 4 Defacement

Defacement is an attack against webpage, replacing the main (usually) page with attackers page. Reasons: Political (hacktivism) G8, war Mohammed cartoosns, in Iran, conflict between Israel and Palestine, etc Best defacer Fun Challenge OWASP 5 Statistics for .be 2005 Jan 401 Feb 320 Mar 160 Apr 297 May 354 Jun 189 2006 159 415 168 341

205 443 Jul Aug Sep Oct Nov Dec 2005 2006 274 1832 268 1040 85 1347 137 359 205 299 199 415 Total: 2005 2889 2006 - 7023 OWASP 6 Statistics for .be Defacements 2005 & 2006 2000 1832

1800 1600 1400 1347 2006 1200 2005 1040 1000 800 600 400 401 200 159 415 320 341 297 168 160

354 205 443 274 189 268 85 0 Jan Feb Mar Apr May Jun 359 Jul Aug Sep 137

Oct 415 299 205 Nov 199 Dec OWASP 7 Statistics for .be By OS: 2005 Linux Windows BSD Mac Solaris Tru64 Unknown 2006 1824 919 53 46 20 17

10 63 32 1 1 1 1 1 % % % % % % % Linux Windows BSD Mac Solaris Unknown % OS2 % 4883 1916 156 45 12 10

70 % 27 % 2 % 0.6 % 0.2 % 0.15 1 0.05 OWASP 8 Statistics for .be By webserver: 2005 2006 Apache 1918 66 % IIS 913 31 % Roxen 38 1 % Unkown 17

0.5 % Lotus-Domino 1 0.5 % WebSTAR 1 0.5 % Zeus 1 0.5 % Apache 72% IIS 1905 27% Unknown 48 Nginx 17 NOYB 4 SonataServer2 Lighttpd 1 5046 0.7% 0.2% 0.05% 0.03% 0.02% OWASP

9 Statistics 2005 for .be By attack type: File inclusion 1090 Attacks against user 327 Other web app bug 303 SQL Injection 276 Not available 225 FTP server intrusion 127 Web server intrusion 122 MITM 86 Other server intrusion 57 Web server ext. module 57 Radmin panel attacks 52 DNS attacks 52 URL poisoning 19 Known vuln. 19 SSH server intrusion 16 Mail server intrusion 15 Telnet server intrusion14 Shares 8

Firewall/router attacks 8 0day 6 RPC server intrusion 5 Brute force 3 Misconfig 2 OWASP 10 Statistics 2006 for .be By attack type: Attacks against user 1696 File inclusion 904 SQL injection 638 Not available 569 Other web app bug 437 Other server intrusion 414 FTP server intrusion 326 Web server ext. module 319 SSH server intrusion 300 Radmin panel attacks 194 Firewall/router attacks MITM 177 Shares

170 RPC server intrusion169 DNS attacks 109 Remote service attacks Web server intrusion Telnet server intrusion URL poisoning 81 Mail server intrusions OWASP 185 108 101 99 27 11 Statistics 2005 for .be By apps: forum guestbook/gastenboek/gastje foto/photo blog bb2 nuke gallery 222 95 13

12 10 3 3 OWASP 12 Statistics 2006 for .be By apps: forum foto/photo/album phpbb gallery guestbook/gastenboek/gastje cms joomla blog mambo board nuke 347 75 39 27 25 20 12 11 10 8 7

OWASP 13 Statistics 2006 for .be Bits and pieces police.be/forum Some sites from kuleuven.ac.be and ulg.ac.be 140 double defacements 21 big (more that 30 sites per IP) attacked OWASP 14 Statistics for .be ? OWASP 15

Recently Viewed Presentations

  • Snímek 1 - data.kemt.fei.tuke.sk

    Snímek 1 - data.kemt.fei.tuke.sk

    Príklady významných LEO systémov sú GlobalstarTM (48 +8 satelitov v 8 obežných dráhach na 1400 km) a Iridium ® (66 +6 satelitov na 6 obežných dráhach na 780 km). Existuje aj množstvo malých LEO systémov, ako sú PoSat, postavený SSTL...
  • Distribution Design Issues - University of Washington

    Distribution Design Issues - University of Washington

    Open Channel - Bioswale Design Check 100 year flow velocity Mannings Equation again to find depth of flow (n value will change) Calculate area of flow (trapezoid) = 2.944 sf Calculate velocity = 2.5128 ft/s Velocity must be < 3...
  • Action on Inclusion Levels of Support and Engaging and ...

    Action on Inclusion Levels of Support and Engaging and ...

    Action on Inclusion Levels of Support and Engaging and Connecting Students Through Technology Projects 2012-2013. PROJECT 3(Ipod/Ipads)Specialized- Dedicated EA time, specialists support or alternative placement. PROJECT 2 ( All from Project 1 Plus . SpeakQ)Targeted-Focused supports, flexible groupings, assistive technology,...
  • Seedless VACULAR Plants - Westgate Mennonite Collegiate

    Seedless VACULAR Plants - Westgate Mennonite Collegiate

    Phylum Polypodiophyta. Seedless vascular plants. Largest group of plants other than flowering plants. Great diversity in form and habitat. Fronds (leaves) can vary. Ferns - Lifecycle. Dominant sporophyte produces windblown spores.
  • Back-of-the-House Functions & Back-of-the-House Staff Key Terms  Back-of-the-house

    Back-of-the-House Functions & Back-of-the-House Staff Key Terms Back-of-the-house

    The back-of-the-house is responsible for the following seven functions: Food Production. Purchasing and Receiving. Marketing and Sales. Human Resources. ... Purchase food items and equipment. ... These cooks are often organized into three groups: Hot Food Cooks. Cold Food Cooks....
  • Gêneros Literários

    Gêneros Literários

    GÊNEROS LITERÁRIOS A LITERATURA É A ARTE QUE SE MANIFESTA PELA PALAVRA, SEJA ELA FALADA, SEJA ESCRITA. EXEMPLO DE GÊNERO LÍRICO Autor masculino - eu lírico masculino Trecho do poema "Ainda Uma Vez , Adeus", de Gonçalves Dias, que escreveu...
  • Safety Management System - Pennsylvania Department of Labor ...

    Safety Management System - Pennsylvania Department of Labor ...

    Safety Management System. A Safety Management System is: A pro-active, risk based approach to managing safetythroughout an organization. An SMS provides a systematic way to identify hazards and control risks while maintaining assurance that these risk controls are effective. Click...
  • NAP-GSP Support to Developing Countries

    NAP-GSP Support to Developing Countries

    National NAP planning meeting, a stock-taking assessment and development of a NAP roadmap (Department of Water, Ministry of Fisheries and Water Resources) Stakeholder consultation in the form of a NAP planning workshop. Follow-up support to Gambia by UNDP/FAO on integrating...