Beat Hackers At Their Own Game With A Hackerbasher Site
Learn a strategy that will divert port 80 attacks away from unsecured public Web sites into a dead end where they can't do damage.
Are u under a barrage of attacks ??? hackers and crackers with automated IP port scanners can swamp a Web site with bogus requests and failed logons.The sheer volume of this traffic can reduce response times and overload service request logs. Failed logon attempts (sometimes several hundred in a minute) can obliterate legitimate security reporting in the event viewer. Even if the hacker never gains access to anything, your Web site suffers. I use several procedures to minimize the attack surface. But even after hardening the server and putting it behind a firewall, it is still vulnerable to attacks on port 80.
Failed Logons from an Automated Attack
Many of these attackers appear to be crackers,thrillseekers who simply want to break into something. Crackers usually sniff around for the obvious stuff such as unsecured databases and leftover developer sample files. Obviously, some attackers are on a mission to get in and do damage.
In this article, an easily implemented strategy is presented that uses HTTP 1.1 host headers to divert port 80 attacks away from unsecured public Web sites into a dead end where they can't do damage. the site, called Hackerbasher, stops the automated attack and records the details about the attack along with the IP address used by the attacker. Hackerbasher doesn't require any special software and its only cost is the time it takes to set it up on your server. You also get the added benefit of being able to monitor port 80 attacks in a single log file.
READ THE FULL ARTICLE
So how do we track down these people? One way is to use a honeypot: an information system resource intended to receive unauthorized or illicit use. The Honeynet Project was set up so that the good guys can watch and analyze what hackers do. The Honeynet Project reports that the average life expectancy of a honeypot on the Internet is 72 hours. The shortest known manual compromise time was 15 minutes, but a worm got the job done in 15 seconds.
No comments:
Post a Comment