[Owasp-appsensor-project] Additional Detection Points - Utilization of Common User Names

Michael Coates michael.coates at owasp.org
Thu Jun 10 17:13:31 EDT 2010


I agree this should be a separate detection point. Looks like AE12 is 
the next spot.  It would make sense to be near AE1, but I don't want to 
rearrange any number assignments since they are already referenced by 
others (modsecurity). So we will just continue to iterate.

Colin: can you add these directly to:
http://www.owasp.org/index.php/AppSensor_DetectionPoints

You'll have to copy and paste the wiki formatting from the previous 
detection point, but it shouldn't be too bad I hope.

Michael Coates
OWASP


On 6/9/10 7:01 PM, John Melton wrote:
> I vote +1 for this .. while I see it could be part of IE3, I think it 
> should probably be called out separately
>
> On Wed, Jun 9, 2010 at 10:19 AM, Colin Watson
> <colin.watson at owasp.org> wrote:
>
>     Suggestion to add a new detection point.  Has this already been ruled
>     out?  Should it be added?  Is the description/categorization suitable?
>
>     Source
>     -----------------------------------
>     [Owasp-appsensor-project] AppSensor Feedback/Ideas, Sat Nov 21
>     11:02:45 EST 2009
>     https://lists.owasp.org/pipermail/owasp-appsensor-project/2009-November/000007.html
>
>     Description
>     -----------------------------------
>     Common dictionary user names (e.g. "administrator", "admin" or "test")
>     are used to attempt to log into the application.  This may enhance the
>     seriousness of AE1 Use of Multiple Usernames.
>
>     Suggested categorization
>     -----------------------------------
>     AE12 Utilization of Common User Names
>
>     *** Or could just be an instance of proposed IE3 Violation of
>     Implemented Black Lists ? ***
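A sketch of how the proposed AE12 check could sit beside AE1 over a stream of login attempts. This is an added example, not code from the thread or from the AppSensor project. The event tuple format, the `root` and `guest` dictionary entries, the AE1 threshold, the restriction to failed attempts and the severity labels are all assumptions.

```python
from collections import defaultdict

# Assumed dictionary; the thread names only "administrator", "admin" and "test".
COMMON_USERNAMES = {"administrator", "admin", "test", "root", "guest"}
AE1_THRESHOLD = 3  # assumed: distinct user names per source before AE1 fires


def detect(events):
    """Return (source, detection_point, detail) findings.

    events: iterable of (source_ip, username, success) tuples.
    Only failed attempts are counted (an assumption of this example).
    """
    seen = defaultdict(set)    # source -> distinct user names tried
    common = defaultdict(set)  # source -> common user names already reported
    ae1_fired = set()
    findings = []
    for source, username, success in events:
        if success:
            continue
        name = username.strip().lower()  # match case-insensitively
        seen[source].add(name)
        if name in COMMON_USERNAMES and name not in common[source]:
            common[source].add(name)
            findings.append((source, "AE12", name))
        if len(seen[source]) >= AE1_THRESHOLD and source not in ae1_fired:
            ae1_fired.add(source)
            findings.append((source, "AE1", len(seen[source])))
    return findings


def severity(findings, source):
    """AE12 seen together with AE1 raises the seriousness, per the proposal."""
    points = {point for src, point, _ in findings if src == source}
    if {"AE1", "AE12"} <= points:
        return "high"
    return "medium" if points else "none"


# Constructed sample events using documentation address ranges.
SAMPLE = [
    ("203.0.113.7", "admin", False),
    ("203.0.113.7", "Administrator", False),
    ("203.0.113.7", "test", False),
    ("198.51.100.2", "jsmith", False),
    ("198.51.100.2", "jsmith", True),
]

if __name__ == "__main__":
    results = detect(SAMPLE)
    for row in results:
        print(row)
    print(severity(results, "203.0.113.7"))
```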