[WEB SECURITY] fingerprint survey of the Sand Hill/Page Mill venture capitalist group
Mat Caughron
mat at phpconsulting.com
Tue Sep 23 02:32:05 EDT 2008
Web Security Community:
A quick and informal survey of fingerprints [1] from the HTTP headers of the Bay
Area / Silicon Valley venture capital firms confirms that these folks have
yet to figure out that Apache has a production mode, can turn off server
signatures [2], and that IIS can be configured to tone down its HTTP
header advertising [3].
Some 45% or so are actively advertising out of date or unpatched web
server software/systems.
Granted: the splash pages are largely for marketing. This crowd is all
hat and no cattle when it comes to implementation of typical/best practice.
The culture of innovation is great and all, but maybe what's required at
this point is just some basic awareness, thus this email.
There are a few exceptions.*
Disclaimer: I have no affiliation with any of the firms listed here.
No one said that investors need to have a clue, but finding an
investment firm on the West Coast that gets webappsec would be
a refreshing experience.
See you all in New York later this week,
Mat Caughron, CISSP
caughron at gmail.com
Belmont California
(408) 910-1266
[1] http://www.webappsec.org/projects/threat/classes/fingerprinting.shtml
[2] http://www.secureapache.com plus expose_php Off in php.ini
[3] http://www.microsoft.com/technet/treeview/?url=/technet/security/tools/tools/locktool.asp
For general amusement, here's the list, passively compiled. Each entry is:
company, URL, then the HTTP response headers that identify the server software.
Greenberg Traurig
http://www.gtlaw.com
Server: Apache/2.2.8 (Win32) mod_jk/1.2.26
Quickstart Global
http://www.quickstartglobal.com
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Bridge Bank,
http://www.bridgebank.com
Server: Apache/1.3.37 (Unix) FrontPage/5.0.2.2635 mod_ssl/2.8.28 OpenSSL/0.9.7m
Garage Technology Ventures,
http://www.garage.com
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.7l PHP/5.2.6
Ernst & Young,
http://www.ey.com/perspectives
Server: Lotus-Domino
Greenstein, Rogoff, Olsen & Co., LLP (GROCO),
http://www.groco.com
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Intel Capital,
http://www.intelcapital.com
Location: http://www.intel.com/capital
Server: Microsoft-IIS/6.0
PricewaterhouseCoopers,
http://www.pwcv2r.com
Server: Apache/1.3.27 (Unix) (Red-Hat/Linux)
Rose Ryan,
http://www.roseryan.com
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Townsend and Townsend and Crew LLP,
http://www.townsend.com
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Woodside Fund
http://www.woodsidefund.com
Server: Microsoft-IIS/5.0
MicrosoftOfficeWebServer: 5.0_Pub
Advanced Professional,
http://www.ap-insurance.com
Server: Apache/2.0.46 (Red Hat)
AlwaysOn,
http://www.alwayson-network.com
Server: Apache/2.0.54
Applied Ventures LLC,
http://www.AppliedVentures.com
Server: Apache/2.0.59 (Unix) DAV/2
Eventbee Inc.,
http://www.eventbee.com
Server: Apache-Coyote/1.1
X-Powered-By: Servlet 2.4; JBoss-4.2.2.GA (build: SVNTag=JBoss_4_2_2_GA date=200710221139)/Tomcat-5.5
Claremont Creek Ventures,
http://www.claremontvc.com
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
EmailLabs
http://www.emaillabs.com
Server: Apache/1.3.31 (Unix) PHP/4.3.3
X-Powered-By: PHP/4.3.3
Hanson Bridgett LLP,
http://www.hansonbridgett.com
Server: Apache/1.3.41 Ben-SSL/1.59 (Unix) PHP/4.3.8
Ireland San Filippo, Accountants for Startups
www.isfllp.com
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
Link Silicon Valley, LLC,
http://www.linksv.com
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Krause Taylor Associates,
http://www.krause-taylor.com
Server: Apache/1.3.37 (Unix) PHP/4.4.6
Market4Demand,
http://www.market4demand.com
Server: Apache/1.3.37 (Unix) FrontPage/5.0.2.2635 mod_ssl/2.8.28 OpenSSL/0.9.7m
Sonnenschein Venture Technology Group,
http://www.sonnenschein.com
Server: Microsoft-IIS/6.0
TradeVibes,
http://www.tradevibes.com
Server: Apache/2.2.8 (Fedora)
White & Case LLP,
http://www.whitecase.com
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Wilson Sonsini Goodrich & Rosati,
http://www.wsgr.com
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 1.1.4322
Benchmark Capital
http://www.benchmark.com
Server: Apache/1.3.26 (Unix) AuthMySQL/2.20 PHP/4.1.2 mod_gzip/1.3.19.1a mod_ssl/2.8.9 OpenSSL/0.9.6g
X-Powered-By: PHP/4.1.2
Bessemer Venture
http://www.bvp.com
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Canaan Partners
http://www.canaan.com
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/4.3.9
Clearstone Venture Partners
http://www.clearstone.com
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
QuickSilver Ventures
http://www.quicksilverventures.com
Server: Microsoft-IIS/6.0
MicrosoftSharePointTeamServices: 12.0.0.6043
X-DIP:204
MS-Author-Via: MS-FP/4.0,DAV
MicrosoftOfficeWebServer: 5.0_Collab
X-Powered-By: ASP.NET
X-UA-Compatible: IE=EmulateIE7
X-AspNet-Version: 2.0.50727
Sequoia Capital
http://www.sequoiacap.com
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727
Sevin Rosen Funds
http://www.srfunds.com
Server: Apache/2.0.53 (Fedora)
New Enterprise Associates
http://www.nea.com
Server: Microsoft-IIS/6.0
Oak Investment Partners
http://www.oakinv.com
Server: Apache/2.0.51 (Fedora)
X-Powered-By: PHP/4.3.11
Sigma Partners
http://www.sigmapartners.com
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/4.3.9
Mayfield Fund
http://www.mayfield.com
Server: Microsoft-IIS/6.0
X-Powered-By: PHP/5.1.4
MicrosoftOfficeWebServer: 5.0_Pub
Kleiner Perkins Caufield & Byers
http://www.kpcb.com
Server: Apache/2.2.8 (Unix) PHP/5.2.5 with Suhosin-Patch mod_ssl/2.2.8 OpenSSL/0.9.7m mod_apreq2-20051231/2.6.0 mod_perl/2.0.3 Perl/v5.8.7
Venture Strategy Partners LP
http://www.vsplp.com
Server: Microsoft-IIS/5.0
National Venture Capital Association
http://www.nvca.org/
Server: Apache/1.3.36 (Unix) mod_perl/1.29 mod_ssl/2.8.27 OpenSSL/0.9.8b PHP/4.4.4 with Suhosin-Patch
The Weiser Group
www.weisergroup.com
Server: Apache/1.3.34 (Debian) mod_gzip/1.3.26.1a AuthMySQL/4.3.9-2 PHP/5.2.0-8+etch10
Venrock
www.venrock.com
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
KKR
www.kkr.com
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
TPG Capital
www.tpg.com
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
MicrosoftOfficeWebServer: 5.0_Pub
* The more clueful:
Draper Fisher Jurvetson
www.dfj.com
Server: Apache
Highland Capital Partners
www.hcp.com
Server: Apache
Silver Lake Partners
www.silverlake.com
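As an added example (not part of Mat's post, and not anything the firms above run), here is a small Python script that does the same passive classification the survey does by hand: it parses a captured response-header block, pulls product/version tokens out of the Server, X-Powered-By, X-AspNet-Version and Office/SharePoint banners, and grades each site as "version" (exact versions advertised), "product" (software named but no version, which is what Apache's ServerTokens Prod leaves behind) or "minimal" (no identifying header at all). The sample header blocks are constructed from values in the list above, not live captures, and the header names, token regex and grading scheme are the example's own assumptions.

```python
import re
from dataclasses import dataclass, field
from typing import Dict, List

# Response headers that commonly leak software identity. Server is the classic
# one; the rest are the ASP.NET / FrontPage / SharePoint / PHP banners seen in
# the list above. (Assumed set for this example; extend as needed.)
FINGERPRINT_HEADERS = (
    "server",
    "x-powered-by",
    "x-aspnet-version",
    "microsoftofficewebserver",
    "microsoftsharepointteamservices",
    "ms-author-via",
)

# Headers whose whole value is a bare version string rather than "product/version".
BARE_VERSION_HEADERS = {
    "x-aspnet-version": "ASP.NET",
    "microsoftofficewebserver": "MicrosoftOfficeWebServer",
    "microsoftsharepointteamservices": "SharePoint",
}

# Matches product/version tokens such as Apache/2.2.8, OpenSSL/0.9.7m, Perl/v5.8.7.
TOKEN_RE = re.compile(r"([A-Za-z][\w.+-]*)/(v?\d[\w.+-]*)")


@dataclass
class Fingerprint:
    components: Dict[str, str] = field(default_factory=dict)  # product -> version
    products_without_version: List[str] = field(default_factory=list)
    leaked_headers: List[str] = field(default_factory=list)

    @property
    def exposure(self) -> str:
        """Grade: 'version' > 'product' > 'minimal' (assumed scale for this example)."""
        if self.components:
            return "version"
        if self.products_without_version or self.leaked_headers:
            return "product"
        return "minimal"


def parse_headers(raw: str) -> Dict[str, str]:
    """Parse 'Name: value' lines; skips the status line, joins folded continuations."""
    headers: Dict[str, str] = {}
    last = None
    for line in raw.splitlines():
        if not line.strip() or line.startswith("HTTP/"):
            continue
        if line[0] in " \t" and last:          # RFC-style folded continuation line
            headers[last] += " " + line.strip()
            continue
        name, sep, value = line.partition(":")
        if not sep:
            continue
        last = name.strip().lower()
        headers[last] = value.strip()
    return headers


def fingerprint(raw: str) -> Fingerprint:
    """Extract product/version disclosures from one response-header block."""
    fp = Fingerprint()
    headers = parse_headers(raw)
    for name in FINGERPRINT_HEADERS:
        value = headers.get(name)
        if value is None:
            continue
        fp.leaked_headers.append(name)
        tokens = TOKEN_RE.findall(value)
        for product, version in tokens:
            fp.components[product] = version
        if name in BARE_VERSION_HEADERS and value[:1].isdigit():
            fp.components[BARE_VERSION_HEADERS[name]] = value
        elif not tokens and name in ("server", "x-powered-by") and value:
            fp.products_without_version.append(value)   # e.g. "Apache", "Lotus-Domino"
    return fp


def survey(samples: Dict[str, str]) -> Dict[str, object]:
    """Run fingerprint() over many sites and report the share advertising exact versions."""
    results = {site: fingerprint(raw) for site, raw in samples.items()}
    disclosing = [site for site, fp in results.items() if fp.exposure == "version"]
    pct = round(100.0 * len(disclosing) / len(results), 1) if results else 0.0
    return {
        "total": len(results),
        "version_disclosure": disclosing,
        "version_disclosure_pct": pct,
        "by_exposure": {site: fp.exposure for site, fp in results.items()},
    }


# Constructed sample captures, using header values taken from the list above.
SAMPLES = {
    "Garage Technology Ventures": "HTTP/1.1 200 OK\r\nServer: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.7l PHP/5.2.6\r\nContent-Type: text/html\r\n",
    "Woodside Fund": "HTTP/1.1 200 OK\r\nServer: Microsoft-IIS/5.0\r\nMicrosoftOfficeWebServer: 5.0_Pub\r\n",
    "Ernst & Young": "HTTP/1.1 200 OK\r\nServer: Lotus-Domino\r\n",
    "Draper Fisher Jurvetson": "HTTP/1.1 200 OK\r\nServer: Apache\r\n",
    "Silver Lake Partners": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n",
}

if __name__ == "__main__":
    for site, raw in SAMPLES.items():
        fp = fingerprint(raw)
        print(f"{site}: {fp.exposure} {fp.components or fp.products_without_version}")
    print(survey(SAMPLES))
```

The fixes the post alludes to are short: in httpd.conf, `ServerTokens Prod` and `ServerSignature Off` reduce the banner to the bare `Server: Apache` that the "more clueful" entries show, and `expose_php = Off` in php.ini drops the `X-Powered-By: PHP/x.y.z` header. On IIS 6 of that era the Server header was stripped with URLScan (`RemoveServerHeader=1`, bundled with the lockdown tool in [3]), and `X-AspNet-Version` goes away with `<httpRuntime enableVersionHeader="false" />` in web.config. Hiding banners does not patch anything, of course; the point of the survey is that the versions on display are old, so the real fix is upgrading, with header hygiene as the cheap second step.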