Summary

Summary

The URL, the tiny portal into a Web server's inner mechanics, has the capacity to render all firewall, intrusion detection systems, and proxy security technologies useless. Users have to let port 80 (HTTP) and 443 (SSL) traffic through their firewalls. They can't possibly accommodate every combination of illegal URLs and devise an IDS signature or proxy filter for attacks through these ports. In essence, all the technologies used to fight Web cyber-terror might as well be left on the shelf when it comes to Web attacks. To help identify vulnerabilities we discussed URL structures, the passing of parameters between Web browser and server, URL encoding and its potential for abuse, and finally HTML forms.

 



Web Hacking(c) Attacks and Defense
Web Hacking: Attacks and Defense
ISBN: 0201761769
EAN: 2147483647
Year: 2005
Pages: 156

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net