Web Scans on the Increase

Over the last few weeks we have measured a fairly slow, but steady increase in the amount of general web site scanning. More and more often, our HoneyPoint systems are identifying PHP scans, scans for older vulnerabilities dating back to Nimda and Code red and a slew of newer scans for specific bulletin board, blog management and other web-based application code.

These scans are appearing from a number of locales and appear to be mostly automated. Their sources appear to be from mostly compromised systems on small to mid-sized company networks.

As these scans increase in frequency and capability, it is essential that organizations ensure that they have secured their web servers against common known vulnerabilities. There are a number of tools such as nikto, Sandcat and others or available services to scan sites for little or no charge. Organizations should utilize these tools or their existing managed vulnerability assessment services to ensure they are protected against these common worm-style attacks.

This entry was posted in General InfoSec by Brent Huston. Bookmark the permalink.

About Brent Huston

I am the CEO of MicroSolved, Inc. and a security evangelist. I have spent the last 20+ years working to make the Internet safer for everyone on a global scale. I believe the Internet has the capability to contribute to the next great leap for mankind, and I want to help make that happen!

Leave a Reply