Re[2]: [fw-wiz] Application-level Attacks

From: gmx (carpathin.wolf_at_gmx.net)
Date: 02/09/05

  • Next message: R. DuFresne: "Re: [fw-wiz] VPNmadness gets more support;" 
    To: firewall-wizards@honor.icsalabs.com
Date: Wed, 9 Feb 2005 00:54:08 +0100

    Hello

    Well... i dont think that application level atacks have something to
    do with ports... simply because i think, ports are at tcp-layer, and
    if you talk about application, you talk about layer 7... if i hear
    application layer and attacks, all i can imagine is virii...
    Well, i dont know any other atack for layer 7 than malicious code.
    Means, all you can do at this layer, is to use an antivirus software,
    imho.
    Please correct me if i could be worng.

    best regards

    Adam

    Friday, January 28, 2005, 5:35:52 PM, you wrote:

    <==============Original message text===============
    CC> Danny wrote:

    >>On Thu, 27 Jan 2005 18:56:58 -0800, Crispin Cowan <crispin@immunix.com> wrote:
    >>
    >>
    >>>Shimon Silberschlag wrote:
    >>>
    >>>
    >>>
    >>>>Today, when attacks are shifting towards using the already open ports
    >>>>on the firewall, at the application level,
    >>>>
    >>>>
    >>>It is often said that contemporary attacks are migrating to
    >>>application-level attacks. Can someone point me to data backing this claim?
    >>>
    >>>
    >>
    >>How do you define contemporary attacks? All attacks except for those
    >>at the application-level?
    >>
    >>
    CC> Attacks within the last few years. "contemporary" is not the deep part
    CC> of the question :)

    CC> Note that I actually do believe that most attacks are now at the
    CC> application level. But I am looking for *evidence*, or at least a claim
    CC> I didn't just make up :) to back up this opinion.

    CC> Crispin

    <===========End of original message text=========== 

    -- 
Best regards,
 Adam Pal                            mailto:carpathin.wolf@gmx.net
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
  • Next message: R. DuFresne: "Re: [fw-wiz] VPNmadness gets more support;"

    Relevant Pages

    • Re: [fw-wiz] Application-level Attacks
      ... i dont think that application level atacks have something to ... > do with ports... ... > application layer and attacks, all i can imagine is virii... ... applications. ...
      (Firewall-Wizards)
    • Re: [Full-disclosure] Brute force attack - need your advice
      ... But please state a config that someone with experience can not get into, is more of a point that security is ever evolving. ... Yup it is security by obscurity and it will help against a script kiddie that won't take the time to scan all ports, thats why I suggested move to a high non-standard port. ... I'm not talking about downloading blacklists but dynamic firewall rules and scripting to achieve a dynamic list based on ranking of attacks against the box. ...
      (Full-Disclosure)
    • Re: How to choose an IDS/FW MSS provider
      ... detect attacks by inspecting layer 3 headers for prohibited IP ... Layer 4 firewalls detect ... facility with an IDS or IPS deployed. ...
      (Focus-IDS)
    • Re: Layer 2 Trace
      ... no equivalent in the various layer two protocols. ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Hackers are concentrating their efforts on attacking applications on your ... Up to 75% of cyber attacks are launched on shopping carts, forms, ...
      (Pen-Test)
    • Re: Scanning Class A network
      ... >network to identify hosts and ports exposed to the Internet. ... >Audit your website security with Acunetix Web Vulnerability Scanner: ... Cross site scripting and other web attacks before hackers do! ...
      (Pen-Test)