Chapter 7. Performing Web Server Attacks

Everyone is a moon and has a dark side which he never shows to anybody.

Mark Twain

It is no longer necessary to drive down to the local mall to shop for goods; now, shoppers can buy virtually anything online. Groceries, hard-to-find collectibles, cars, electronics, and books the list is endless as to what you can buy on the World Wide Web. Yet this ease of shopping comes at the expense of increased security concerns. Although the security risks of shopping online are really no greater than those of shopping in person, the appeal of online attacks is greater for the potential thief. Now a malicious hacker can attack from the safety of his own home and go virtually undetected. Web hacking is also attractive for the anonymity that it offers. It is more appealing to steal from someone you cannot see than it is when someone is watching your every move.

These attacks often go undetected. Even when they are detected, they are difficult to trace back to the source of the attack. For these reasons, companies are hiring penetration testers to assess the security of their online presence. This test should include attempts to break into a website and to assess if the attempted attacks are being detected.

As with other chapters, this chapter concludes with a section on how to detect these attacks.