Detecting and Defending against Web-Server Fingerprinting

San Diego California December 09-December 13

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/CSAC.2002.1176304

18th Annual Computer Security Applica ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Dustin Lee Articles by Jeff Rowe Articles by Calvin Ko Articles by Karl Levitt

	ASCII Text	x
	Dustin Lee, Jeff Rowe, Calvin Ko, Karl Levitt, "Detecting and Defending against Web-Server Fingerprinting," Computer Security Applications Conference, Annual, pp. 321, 18th Annual Computer Security Applications Conference (ACSAC '02), 2002.

	BibTex	x
	@article{ 10.1109/CSAC.2002.1176304, author = {Dustin Lee and Jeff Rowe and Calvin Ko and Karl Levitt}, title = {Detecting and Defending against Web-Server Fingerprinting}, journal ={Computer Security Applications Conference, Annual}, volume = {0}, year = {2002}, issn = {1063-9527}, pages = {321}, doi = {http://doi.ieeecomputersociety.org/10.1109/CSAC.2002.1176304}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Computer Security Applications Conference, Annual TI - Detecting and Defending against Web-Server Fingerprinting SN - 1063-9527 SP EP A1 - Dustin Lee, A1 - Jeff Rowe, A1 - Calvin Ko, A1 - Karl Levitt, PY - 2002 KW - null VL - 0 JA - Computer Security Applications Conference, Annual ER -

Dustin Lee, University of California, Davis

Jeff Rowe, University of California, Davis

Calvin Ko, Network Associates, Inc.

Karl Levitt, University of California, Davis

Cyber attacks continue to increase in sophistication. Advanced attackers often gather information about a target system before launching a precise attack to exploit a discovered vulnerability. This paper discusses techniques for remote identification of web servers and suggests possible defenses to the probing activity. General concepts of fingerprinting and their application to the identification of Web servers, even where server information has been omitted are described and methodologies for detecting and limiting such activity are discussed.

Citation:

Dustin Lee, Jeff Rowe, Calvin Ko, Karl Levitt, "Detecting and Defending against Web-Server Fingerprinting," acsac, pp.321, 18th Annual Computer Security Applications Conference (ACSAC '02), 2002

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.