[WEB SECURITY] fingerprint survey of the Sand Hill/Page Mill venture capitalist group

Mat Caughron mat at phpconsulting.com
Tue Sep 23 02:32:05 EDT 2008


Web Security Community:

A quick and informal survey of fingerprints [1] from the HTTP headers of Bay 
Area / Silicon Valley venture capital firms confirms that these folks have 
yet to figure out that Apache has a production mode and can turn off server 
signatures [2], and that IIS can be configured to tone down its HTTP 
header advertising [3].

Some 45% or so are actively advertising out of date or unpatched web 
server software/systems.

Granted: the splash pages are largely for marketing.  This crowd is all 
hat and no cattle when it comes to implementation of typical/best practice. 
The culture of innovation is great and all, but maybe what's required at 
this point is just some basic awareness, thus this email.

There are a few exceptions.*

Disclaimer: I have no affiliation with any of the firms listed here.

No one said that investors need to have a clue, but finding an 
investment firm on the West Coast that gets webappsec would be 
a refreshing experience.

See you all in New York later this week,




Mat Caughron, CISSP
caughron at gmail.com
Belmont  California
(408) 910-1266



[1] http://www.webappsec.org/projects/threat/classes/fingerprinting.shtml
[2] http://www.secureapache.com, plus expose_php Off in php.ini
[3] http://www.microsoft.com/technet/treeview/?url=/technet/security/tools/tools/locktool.asp

For general amusement, here's the list, passively compiled:


Company
URL
HTTP headers


Greenberg Traurig
http://www.gtlaw.com
Server: Apache/2.2.8 (Win32) mod_jk/1.2.26


Quickstart Global
http://www.quickstartglobal.com
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET


Bridge Bank,
http://www.bridgebank.com
Server: Apache/1.3.37 (Unix) FrontPage/5.0.2.2635 mod_ssl/2.8.28 
OpenSSL/0.9.7m


Garage Technology Ventures,
http://www.garage.com
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.7l PHP/5.2.6


Ernst & Young,
http://www.ey.com/perspectives
Server: Lotus-Domino


Greenberg Traurig LLP,
http://www.gtlaw.com
Server: Apache/2.2.8 (Win32) mod_jk/1.2.26


Greenstein, Rogoff, Olsen & Co., LLP (GROCO),
http://www.groco.com
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET

Intel Capital,
http://www.intelcapital.com
Location: http://www.intel.com/capital
Server: Microsoft-IIS/6.0


PricewaterhouseCoopers,
http://www.pwcv2r.com
Server: Apache/1.3.27 (Unix)  (Red-Hat/Linux)


Rose Ryan,
http://www.roseryan.com
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET


Townsend and Townsend and Crew LLP,
http://www.townsend.com
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET


Woodside Fund
http://www.woodsidefund.com
Server: Microsoft-IIS/5.0
MicrosoftOfficeWebServer: 5.0_Pub


Advanced Professional,
http://www.ap-insurance.com
Server: Apache/2.0.46 (Red Hat)


AlwaysOn,
http://www.alwayson-network.com
Server: Apache/2.0.54

Applied Ventures LLC,
http://www.AppliedVentures.com
Server: Apache/2.0.59 (Unix) DAV/2


Eventbee Inc.,
http://www.eventbee.com
Server: Apache-Coyote/1.1
X-Powered-By: Servlet 2.4; JBoss-4.2.2.GA (build: SVNTag=JBoss_4_2_2_GA 
date=200710221139)/Tomcat-5.5


Claremont Creek Ventures,
http://www.claremontvc.com
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub



EmailLabs
http://www.emaillabs.com
Server: Apache/1.3.31 (Unix) PHP/4.3.3
X-Powered-By: PHP/4.3.3


Hanson Bridgett LLP,
http://www.hansonbridgett.com
Server: Apache/1.3.41 Ben-SSL/1.59 (Unix) PHP/4.3.8


Ireland San Filippo, Accountants for Startups
www.isfllp.com
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub


Link Silicon Valley, LLC,
http://www.linksv.com
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727


Krause Taylor Associates,
http://www.krause-taylor.com
Server: Apache/1.3.37 (Unix) PHP/4.4.6


Market4Demand,
http://www.market4demand.com
Server: Apache/1.3.37 (Unix) FrontPage/5.0.2.2635 mod_ssl/2.8.28 
OpenSSL/0.9.7m


Sonnenschein Venture Technology Group,
http://www.sonnenschein.com
Server: Microsoft-IIS/6.0


TradeVibes,
http://www.tradevibes.com
Server: Apache/2.2.8 (Fedora)


White & Case LLP,
http://www.whitecase.com
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727


Wilson Sonsini Goodrich & Rosati,
http://www.wsgr.com
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 1.1.4322


Benchmark Capital
http://www.benchmark.com
Server: Apache/1.3.26 (Unix) AuthMySQL/2.20 PHP/4.1.2 mod_gzip/1.3.19.1a 
mod_ssl/2.8.9 OpenSSL/0.9.6g
X-Powered-By: PHP/4.1.2


Bessemer Venture
http://www.bvp.com
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727


Canaan Partners
http://www.canaan.com
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/4.3.9


Clearstone Venture Partners
http://www.clearstone.com
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET


QuickSilver Ventures
http://www.quicksilverventures.com
Server: Microsoft-IIS/6.0
MicrosoftSharePointTeamServices: 12.0.0.6043
X-DIP:204
MS-Author-Via: MS-FP/4.0,DAV
MicrosoftOfficeWebServer: 5.0_Collab
X-Powered-By: ASP.NET
X-UA-Compatible: IE=EmulateIE7
X-AspNet-Version: 2.0.50727


Sequoia Capital
http://www.sequoiacap.com
Server: Microsoft-IIS/6.0
X-AspNet-Version: 2.0.50727


Sevin Rosen Funds
http://www.srfunds.com
Server: Apache/2.0.53 (Fedora)


New Enterprise Associates
http://www.nea.com
Server: Microsoft-IIS/6.0


Oak Investment Partners
http://www.oakinv.com
Server: Apache/2.0.51 (Fedora)
X-Powered-By: PHP/4.3.11


Sigma Partners
http://www.sigmapartners.com
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/4.3.9


Mayfield Fund
http://www.mayfield.com
Server: Microsoft-IIS/6.0
X-Powered-By: PHP/5.1.4
MicrosoftOfficeWebServer: 5.0_Pub


Kleiner Perkins Caufield & Byers
http://www.kpcb.com
Server: Apache/2.2.8 (Unix) PHP/5.2.5 with Suhosin-Patch mod_ssl/2.2.8 
OpenSSL/0.9.7m mod_apreq2-20051231/2.6.0 mod_perl/2.0.3 Perl/v5.8.7


Venture Strategy Partners LP
http://www.vsplp.com
Server: Microsoft-IIS/5.0


National Venture Capital Association
http://www.nvca.org/
Server: Apache/1.3.36 (Unix) mod_perl/1.29 mod_ssl/2.8.27 OpenSSL/0.9.8b 
PHP/4.4.4 with Suhosin-Patch


The Weiser Group
www.weisergroup.com
Server: Apache/1.3.34 (Debian) mod_gzip/1.3.26.1a AuthMySQL/4.3.9-2 
PHP/5.2.0-8+etch10

Venrock
www.venrock.com
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET

KKR
www.kkr.com
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET

TPG Capital
www.tpg.com
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
MicrosoftOfficeWebServer: 5.0_Pub


* The more clueful:

Draper Fisher Jurvetson
www.dfj.com
Server: Apache

Highland Capital Partners
www.hcp.com
Server: Apache

Silver Lake Partners
www.silverlake.com
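
As an added worked example (not part of the original post, and not a tool of the author's): the Python below does passively, in code, what the survey above does by eye. It parses raw HTTP response heads, pulls product/version tokens out of the headers that carry them (Server, X-Powered-By, X-AspNet-Version, the Microsoft Office/SharePoint headers), and grades every host as silent, product-only, or version-advertising. The SAMPLES dict is constructed for the example from header lines quoted in the list above; the hostnames are the same ones, but nothing was re-fetched here, and the status lines are assumed.

```python
"""Passive HTTP header fingerprint triage (added example, not the post's code).
Ranks each host by what its response headers advertise: nothing, a product
name only ("Server: Apache"), or product plus version ("Server: Apache/2.2.8").
"""
import re
from dataclasses import dataclass, field

# Headers that routinely carry software identity (lower-cased; names are case-insensitive).
DISCLOSURE_HEADERS = frozenset({"server", "x-powered-by", "x-aspnet-version",
                                "microsoftofficewebserver", "microsoftsharepointteamservices"})
# "Product/version" tokens: Apache/2.2.8, PHP/5.2.0-8+etch10, Perl/v5.8.7
SLASH_RE = re.compile(r"([A-Za-z][\w.+-]*?)/v?(\d+(?:\.\d+)*[\w+-]*)")
# "Product-version" tokens: JBoss-4.2.2.GA, Tomcat-5.5; a dotted version is
# required so that names such as Microsoft-IIS or Ben-SSL are not split
HYPHEN_RE = re.compile(r"([A-Za-z][A-Za-z_]*)-(\d+(?:\.\d+)+[\w.]*)")


@dataclass
class Fingerprint:
    host: str
    products: dict = field(default_factory=dict)     # product -> version string
    bare_products: set = field(default_factory=set)  # product named, no version
    leaky_headers: list = field(default_factory=list)

    @property
    def level(self) -> int:
        """0 = silent, 1 = product named, 2 = version advertised."""
        return 2 if self.products else (1 if self.bare_products else 0)


def parse_headers(raw: str) -> list:
    """Raw response head -> [(name, value)]. Accepts CRLF or LF, skips the status
    line, stops at the first blank line and unfolds leading-whitespace continuations."""
    pairs = []
    for line in raw.replace("\r\n", "\n").split("\n"):
        if not line.strip():
            if pairs:
                break
            continue
        if line[0] in " \t" and pairs:            # obs-fold continuation line
            name, value = pairs[-1]
            pairs[-1] = (name, value + " " + line.strip())
            continue
        if line.startswith("HTTP/"):
            continue
        name, sep, value = line.partition(":")
        if sep:
            pairs.append((name.strip().lower(), value.strip()))
    return pairs


def fingerprint(host: str, raw: str) -> Fingerprint:
    """Collect products and versions from one host's disclosure headers."""
    fp = Fingerprint(host)
    for name, value in parse_headers(raw):
        if name not in DISCLOSURE_HEADERS:
            continue
        fp.leaky_headers.append(name)
        if value[:1].isdigit():                   # e.g. X-AspNet-Version: 2.0.50727
            fp.products[name] = value
            continue
        found = SLASH_RE.findall(value) + HYPHEN_RE.findall(value)
        fp.products.update(found)
        if not found:                             # "Apache", "ASP.NET", "Lotus-Domino"
            fp.bare_products.add(value.split()[0])
    return fp


def survey(samples: dict) -> dict:
    """Fingerprint every host and tally the three disclosure levels."""
    fps = sorted((fingerprint(h, r) for h, r in samples.items()), key=lambda f: -f.level)
    counts = [sum(1 for f in fps if f.level == lvl) for lvl in (0, 1, 2)]
    return {"hosts": len(fps), "silent": counts[0], "product_only": counts[1],
            "versions_disclosed": counts[2], "fingerprints": fps,
            "share_disclosing_versions": counts[2] / len(fps) if fps else 0.0}


# Constructed sample responses; the header lines are copied from the survey above.
SAMPLES = {
    "www.garage.com": "HTTP/1.1 200 OK\nServer: Apache/2.2.8 (Unix) mod_ssl/2.2.8 "
                      "OpenSSL/0.9.7l PHP/5.2.6\n",
    "www.bvp.com": "HTTP/1.1 200 OK\r\nServer: Microsoft-IIS/6.0\r\nX-Powered-By: ASP.NET\r\n"
                   "X-AspNet-Version: 2.0.50727\r\n\r\n",
    "www.eventbee.com": "HTTP/1.1 200 OK\nServer: Apache-Coyote/1.1\nX-Powered-By: Servlet 2.4; "
                        "JBoss-4.2.2.GA (build: SVNTag=JBoss_4_2_2_GA\n date=200710221139)/Tomcat-5.5\n",
    "www.ey.com": "HTTP/1.1 200 OK\nServer: Lotus-Domino\n",
    "www.dfj.com": "HTTP/1.1 200 OK\nServer: Apache\n",           # what ServerTokens Prod leaves
    "www.silverlake.com": "HTTP/1.1 200 OK\nContent-Type: text/html\n",
}

if __name__ == "__main__":
    result = survey(SAMPLES)
    for fp in result["fingerprints"]:
        print("%d  %-20s %s" % (fp.level, fp.host, fp.products or sorted(fp.bare_products)))
    print("%d of %d hosts advertise versions" % (result["versions_disclosed"], result["hosts"]))
```

To run it against live hosts, send one HEAD request with the standard library's http.client, join the status line and resp.getheaders() back into raw text, and hand that to parse_headers(); the rest is unchanged. A level-1 result of "Server: Apache" is exactly what ServerTokens Prod plus ServerSignature Off leave behind, and expose_php = Off in php.ini removes the "X-Powered-By: PHP/x.y.z" line; on the IIS side, <httpRuntime enableVersionHeader="false" /> in web.config stops X-AspNet-Version, "X-Powered-By: ASP.NET" is an ordinary custom header that can be deleted in the IIS manager, and URLScan's RemoveServerHeader=1 strips the Server header. One caveat the tally does not capture: a silent banner removes the cheapest signal, not the underlying version, which can still be inferred from header ordering, error pages and protocol quirks, so a low score here is about hygiene, not patch level.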



----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec

Have a question? Search The Web Security Mailing List Archives: 
http://www.webappsec.org/lists/websecurity/archive/

Subscribe via RSS: 
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

Join WASC on LinkedIn
http://www.linkedin.com/e/gis/83336/4B20E4374DBA