Re: Website "Scanner" (msg#00034, security.vulnerabilities)
At 03:22 PM 1/8/2003 -0800, backed.up.by.2048.bit.encryption@xxxxxxxxxxxx wrote:

> We want to find out what else might be in "new_products" so we plug in say the words "big" "winner" "2003" and let our dictionary spin:

I know I'm stating the obvious, but keep in mind that the log files on the destination box (or on any firewalls that are set to log) are going to be at least 5 or 6 times the size of your dictionary file, even more if you use combinations of words like you talk about. Any substantial poking and prodding and you could fill up a partition or otherwise become obvious real quick. Webtrends and the like will also flag you.

Don't forget these too:

"Copy%20of%20bigwinner2003.html"
"bigwinner2003.bak"
"bigwinner2003.old"
"bigwinner2003.tmp"
etc...

-Mike
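The log footprint described in the message above is what a defender can key on. The following is an added example, not part of the original post: it assumes the web server writes Common Log Format, and the function names, thresholds, and sample log lines (documentation-range addresses) are all constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# Common Log Format: host ident user [time] "METHOD path PROTO" status bytes
CLF = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|HEAD|POST) (\S+)[^"]*" (\d{3}) ')
# Leftover-file name patterns taken from the message above
LEFTOVER = re.compile(r'(?:\.(?:bak|old|tmp)$|(?:^|/)copy of )', re.IGNORECASE)

def scan_log(lines, min_404=5, min_ratio=0.5):
    """Return {client: report} for clients whose requests look like name guessing."""
    stats = defaultdict(lambda: {"total": 0, "not_found": 0, "leftover_probes": []})
    for line in lines:
        m = CLF.match(line)
        if not m:
            continue  # skip lines that are not in Common Log Format
        host, raw_path, status = m.group(1), m.group(2), int(m.group(3))
        path = unquote(raw_path.split("?", 1)[0])  # decode %20 before matching
        s = stats[host]
        s["total"] += 1
        if status == 404:
            s["not_found"] += 1
        if LEFTOVER.search(path):
            s["leftover_probes"].append((path, status))
    flagged = {}
    for host, s in stats.items():
        ratio = s["not_found"] / s["total"]
        if (s["not_found"] >= min_404 and ratio >= min_ratio) or s["leftover_probes"]:
            flagged[host] = {**s, "ratio_404": round(ratio, 2)}
    return flagged

def _line(host, path, status):
    return f'{host} - - [08/Jan/2003:15:22:00 -0800] "GET {path} HTTP/1.0" {status} 512'

# Constructed sample log: one ordinary visitor, one client guessing file names
SAMPLE_LOG = (
    [_line("192.0.2.10", "/index.html", 200), _line("192.0.2.10", "/new_products/", 200)]
    + [_line("198.51.100.7", f"/new_products/{w}.html", 404)
       for w in ("big", "winner", "2003", "bigwinner", "winner2003", "big2003")]
    + [_line("198.51.100.7", "/new_products/bigwinner2003.html", 200),
       _line("198.51.100.7", "/new_products/Copy%20of%20bigwinner2003.html", 404),
       _line("198.51.100.7", "/new_products/bigwinner2003.bak", 200)]
)

if __name__ == "__main__":
    for host, report in scan_log(SAMPLE_LOG).items():
        print(host, report)
```

A leftover-name request that came back with status 200 (the `.bak` entry in the sample) means the file was actually served and should be removed from the web root.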