Summary

Unless you can get the application to crash easily, denial-of-service bugs can be among the hardest types to discover. Often, there is a fine line between what is considered a performance issue and what is considered a DoS attack. It really depends on what is considered acceptable for the application. As a tester, you might have to push to get certain DoS bugs fixed. Sometimes developers consider a bug acceptable, but it isn't what the customer would want. For example, client applications that can be crashed by an attacker, causing victims to lose data, should be fixed. The effect of a DoS on server applications can be huge, so it is important that they are tested thoroughly and that the resources consumed by a single server request are limited.



Hunting Security Bugs
ISBN: 073562187X
EAN: 2147483647
Year: 2004
Pages: 156
