public marks

PUBLIC MARKS with tags type:article & securite

May 2006

Repérer automatiquement les failles de sécurité des sites Internet

by fredbird
Le logiciel, dénommé SecuBat Framework, agit comme le ferait un pirate informatique: il attaque les sites web dynamiques afin d'identifier les forces et faiblesses de leurs systèmes de sécurité. Il les sollicite par des attaques croisées XSS (Cross-Site Scripting Attacks) ou par des injections SQL, c'est-à-dire en insérant des scripts Javascript ou des fragments de code SQL dans leurs formulaires, pour interroger leurs bases de données ou modifier leurs pages.

Five common Web application vulnerabilities

by fredbird (via)
This article looks at five common Web application attacks, primarily for PHP applications, and then presents a case study of a vulnerable Website that was found through Google and easily exploited. Each of the attacks we'll cover are part of a wide field of study, and readers are advised to follow the references listed in each section for further reading. It is important for Web developers and administrators to have a thorough knowledge of these attacks. It should also be noted that that Web applications can be subjected to many more attacks than just those listed here.

April 2006

CERIAS Weblogs » Security Myths and Passwords

by fredbird (via)
In the practice of security we have accumulated a number of “rules of thumb” that many people accept without careful consideration. Some of these get included in policies, and thus may get propagated to environments they were not meant to address. It is also the case that as technology changes, the underlying (and unstated) assumptions underlying these bits of conventional wisdom also change. The result is a stale policy that may no longer be effective…or possibly even dangerous.

July 2005

Rats in the security world

by fredbird
We have been well conditioned to recognize and delete the endless stream of spam, phishing attempts, Nigerian scams, and virus attacks we get every day in our inboxes. We have been so far behind for so long in the battle with computer security that we have almost forgotten some of the most basic insecurities that we put up with day after day.

February 2005

January 2005

PUBLIC TAGS related to tag type:article

apache +   blog +   computer +   lang:en +   lang:fr +   module +   network +   php +   securite +   tech +   web +   web-app +   web-dev +  

Active users

last mark : 30/05/2006 15:07