Fingerprinting web applications
David Dede This paper describes a technique to remotely detect the version (fingerprint) of a web application. We cover WordPress, Mediawiki and Joomla in the article, but…
Month: January 2010
7 posts
Quick Sucuri Update
We are very happy to announce that we reached 5 thousand (yes, 5k) sites being monitored by our Network Integrity Monitor solution. To celebrate, we…
New Security Bloggers Network (SBN) member
We are very happy to be the newest member of the Security Bloggers Network (SBN). Thanks to Alan Shimel for setting this up very quickly…
Downforeveryoneorjustme is down
The service http://www.downforeveryoneorjustme.com/ has been down for at least a few hours already. I got the first notification via sucuri.net a few hours ago saying…
Honeypot analysis – Looking at SSH scans
Daniel Cid An integral part of the Sucuri project is to research and monitor current attacks as a way to improve our defense techniques. To achieve that,…
A closer look at the iiscan
The free IIScan was recently announced on the full-disclosure list and I took the time to review it. They announced it as a new generation…
VMware insecure file creation
If you are using the free VMware server on Linux, beware that the installer is creating files with insecure permissions, allowing any user to modify…