Published by Carlee Roots. Modified over 9 years ago.

2006 Internet Attack Statistics for Belgium
Hillar Leoste, Zone-H.org
OWASP BeLux Chapter
The OWASP Foundation
http://www.owasp.org

Copyright © 2007 - The OWASP Foundation. Permission is granted to copy, distribute and/or modify this document under the terms of the Creative Commons Attribution-ShareAlike 2.5 License. To view this license, visit http://creativecommons.org/licenses/by-sa/2.5/

Agenda
- About Zone-H and defacements
- Statistics

What is Zone-h.org
- News, advisories and opinions, provided by recognized IT security news sites, trusted product vendors and pro-active members of the zone-h international community
- Statistics of the most recent digital attacks, surveys and detailed analyses, presented in our regular reports
- Articles worth reading, describing new developments in the IT security world
- Interviews with leading IT security industry experts, accompanied by an opportunity to discuss different topics in specialized forums and IRC chatrooms
- Ongoing evaluations of current digital threats and short-term prognosis
- Case and motivation studies of digital incidents
- Daily newsletters
- Free security services: daily "early warning" bulletin + InfoSec pager

What is Zone-h.org
Disclaimer: Zone-h neither condones, promotes, nor participates in attacks that are recorded within our database. It is, however, in a unique position in that such attacks are freely reported to our organization.
Zone-h catalogues several useful pieces of information for each intrusion, including the timestamp of the attack, the software version of the webserver, the operating system, the motivation of the attacker, and reported technical details of the intrusion methodology.

Defacement
Defacement is an attack against a website that replaces a page (usually the main page) with the attacker's page.
Reasons:
- Political (hacktivism): Mohammed cartoons, G8, war in Iran, conflict between Israel and Palestine, etc.
- Best defacer
- Fun
- Challenge

Statistics for .be

Month   2005   2006
Jan      401    159
Feb      320    415
Mar      160    168
Apr      297    341
May      354    205
Jun      189    443
Jul      274   1832
Aug      268   1040
Sep       85   1347
Oct      137    359
Nov      205    299
Dec      199    415
Total   2889   7023

Statistics for .be
By OS:

2005
OS        Count   Share
Linux      1824   63 %
Windows     919   32 %
BSD          53   1 %
Mac          46   1 %
Solaris      20   1 %
Tru64        17   1 %
Unknown      10   1 %

2006
OS        Count   Share
Linux      4883   70 %
Windows    1916   27 %
BSD         156   2 %
Mac          45   0.6 %
Solaris      12   0.2 %
Unknown      10   0.15 %
OS2           1   0.05 %

Statistics for .be
By webserver:

2005
Webserver      Count   Share
Apache          1918   66 %
IIS              913   31 %
Roxen             38   1 %
Unknown           17   0.5 %
Lotus-Domino       1   0.5 %
WebSTAR            1   0.5 %
Zeus               1   0.5 %

2006
Webserver      Count   Share
Apache          5046   72 %
IIS             1905   27 %
Unknown           48   0.7 %
Nginx             17   0.2 %
NOYB               4   0.05 %
SonataServer       2   0.03 %
Lighttpd           1   0.02 %

Statistics 2005 for .be
By attack type:

Attack type                 Count
File inclusion               1090
Attacks against user          327
Other web app bug             303
SQL Injection                 276
Not available                 225
FTP server intrusion          127
Web server intrusion          122
MITM                           86
Other server intrusion         57
Web server ext. module         57
Radmin panel attacks           52
DNS attacks                    52
URL poisoning                  19
Known vuln.                    19
SSH server intrusion           16
Mail server intrusion          15
Telnet server intrusion        14
Shares                          8
Firewall/router attacks         8
0day                            6
RPC server intrusion            5
Brute force                     3
Misconfig                       2

Statistics 2006 for .be
By attack type:

Attack type                 Count
Attacks against user         1696
File inclusion                904
SQL injection                 638
Not available                 569
Other web app bug             437
Other server intrusion        414
FTP server intrusion          326
Web server ext. module        319
SSH server intrusion          300
Radmin panel attacks          194
Firewall/router attacks       185
MITM                          177
Shares                        170
RPC server intrusion          169
DNS attacks                   109
Remote service attacks        108
Web server intrusion          101
Telnet server intrusion        99
URL poisoning                  81
Mail server intrusions         27

Statistics 2005 for .be
By apps:

App                            Count
forum                            222
guestbook/gastenboek/gastje       95
foto/photo                        13
blog                              12
bb2                               10
nuke                               3
gallery                            3

Statistics 2006 for .be
By apps:

App                            Count
forum                            347
foto/photo/album                  75
phpbb                             39
gallery                           27
guestbook/gastenboek/gastje       25
cms                               20
joomla                            12
blog                              11
mambo                             10
board                              8
nuke                               7

Statistics 2006 for .be
Bits and pieces
- police.be/forum
- Some sites from kuleuven.ac.be and ulg.ac.be
- 140 double defacements
- 21 big (more than 30 sites per IP) attacked

Statistics for .be
?