PitchLake – a tar pit for scanners

by Simon Biles

"One of my first tasks in the office this morning, after a cup of coffee of course, was to review my server logs. As of yet I’ve not got enough staff to have a minion to do this for me, but to be honest I’d miss the connection to the real world of computing if I did. I run a Linux server in a datacentre in Birmingham as my company’s main web-server and my high bandwidth, static IP’d pen-test machine. For the last few months I’ve been meaning to do something about the 404 errors that are being reported by Apache – some are my fault for taking pages away that people clearly still cross reference – the others though are clearly the work of automated web vulnerability scanning tools…"

Read more here
Discuss here

Leave a Comment