Re: [fw-wiz] Application-level Attacks
From: Frank Knobbe (frank_at_knobbe.us)
Date: 01/28/05
- Previous message: Smith, Al: "[fw-wiz] Alert mail won't work..."
- In reply to: Devdas Bhagat: "Re: [fw-wiz] Application-level Attacks"
- Next in thread: Marcus J. Ranum: "Re: [fw-wiz] Application-level Attacks"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: Devdas Bhagat <devdas@dvb.homelinux.org>
Date: Fri, 28 Jan 2005 14:49:26 -0600
On Sat, 2005-01-29 at 01:10 +0530, Devdas Bhagat wrote:
> The exposure of applications has increased, but ye olde Sendmail bug
> and the BIND exploit du jour and the Internet Explorer sieve are still
> application layer bugs.
I think we first have to define what constitutes an "Application Layer
Attack". Is it an attack *against* the application layer, or is it an
attack *transmitted* over the application layer against a host system?
I'm inclined to disagree with your assessment and boldly proclaim that a
BIND buffer overflow is not an application layer attack. Yes, it's an
attack against the application, but it is executed over the network
layer.
I believe "application layer attacks" should be those that get
transmitted via application protocols. The already mentioned example of
SQL injection falls within that category.
But everyone sets their own metrics and definitions these days anyway.
According to some vendors, attacks don't even exist. :)
Cheers,
Frank
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
- application/pgp-signature attachment: This is a digitally signed message part