RE: [fw-wiz] Application-level Attacks

From: Marcus J. Ranum (mjr_at_ranum.com)
Date: 02/14/05

  • Next message: Frank Knobbe: "RE: [fw-wiz] Application-level Attacks" 
    To: "Ofer Shezaf" <Ofer.Shezaf@breach.com>, <firewall-wizards@honor.icsalabs.com>
Date: Mon, 14 Feb 2005 11:47:22 -0500

    Ofer Shezaf wrote:
    >There is also a well know study by Gartner that says that
    >75%-80% of attacks are carried on the application layer.

    Do you have a reference for this one? I'd like to look at the
    methodology behind it...

    mjr.

    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

  • Next message: Frank Knobbe: "RE: [fw-wiz] Application-level Attacks"

    Relevant Pages

    • Re: How to choose an IDS/FW MSS provider
      ... detect attacks by inspecting layer 3 headers for prohibited IP ... Layer 4 firewalls detect ... facility with an IDS or IPS deployed. ...
      (Focus-IDS)
    • Re: Layer 2 Trace
      ... no equivalent in the various layer two protocols. ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Hackers are concentrating their efforts on attacking applications on your ... Up to 75% of cyber attacks are launched on shopping carts, forms, ...
      (Pen-Test)
    • Re: unsuccessful hacking attempt at my machine
      ... the reasons I tend to use the word cracker and rarely say hacker as far ... needed such as Denial of Service attacks. ... and this is what white-hat hackers are about. ... Watchfulness and logging is another layer. ...
      (comp.os.linux.security)
    • Re: [fw-wiz] Application-level Attacks
      ... >are application layer attacks! ... of hash function, with morphological characteristics as the key. ... in are things which are best stated as parts of a risk analysis: ... Turns out that the OSI seven layer ...
      (Firewall-Wizards)
    • RE: SQL injection
      ... On the Application Layer ... Sig based detection is that that sig based. ... >attacks or old attacks may be able to bypass most IDS/IPS with various ... But no IDS or IPS system is perfect. ...
      (Pen-Test)