Re: [fw-wiz] Application-level Attacks

From: Adam Shostack (adam_at_homeport.org)
Date: 01/28/05

  • Next message: Adam Shostack: "Re: [fw-wiz] Application-level Attacks"
    To: vbwilliams@neb.rr.com
    Date: Fri, 28 Jan 2005 14:36:12 -0500
    
    

    I think that the "new" application layer attacks are things like sql
    injection for data theft, phishing, etc. I think perhaps business
    layer attacks makes more sense as a name.

    Adam

    On Fri, Jan 28, 2005 at 11:07:46AM -0600, vbwilliams@neb.rr.com wrote:
    | Point to data? Watch the news every time a Microsoft vulnerability comes out and an active exploit is created for it. I don't know why a person would need any other *proof* of application-level attacks. Isn't DCOM an application/process that runs on a Windows box to handle a certain task/event/procedure? Blaster = application-level exploit/attack that was pretty darn effective in exploiting DCOM.
    |
    | I would argue that pretty much any exploit in the last 5 years is going to have a 95% chance of being application-level, DDoS/pings of death aside.
    |
    |
    | > On Thu, Jan 27, 2005 at 06:56:58PM -0800, Crispin Cowan wrote:
    | > | Shimon Silberschlag wrote:
    | > |
    | > | >Today, when attacks are shifting towards using the already open
    | > ports
    | > | >on the firewall, at the application level,
    | > |
    | > | It is often said that contemporary attacks are migrating to
    | > | application-level attacks. Can someone point me to data backing
    | > this claim?
    |
    | _______________________________________________
    | firewall-wizards mailing list
    | firewall-wizards@honor.icsalabs.com
    | http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


  • Next message: Adam Shostack: "Re: [fw-wiz] Application-level Attacks"