Your browser does not seem to support CSS. If images appear below, please disregard them.
It appears that you're running an Ad-Blocker. This site is monetized by Advertising and by User Donations; we ask that if you find this site helpful that you whitelist us in your Ad-Blocker, or make a Donation to help aid in operating costs.
Previous Thread
Next Thread
Print Thread
Rate This Thread
#40156 - 08/08/05 07:39 AM Stopping Automated Attack Tools  
Joined: Mar 2002
Posts: 270
HighLander Offline
UGN Member
HighLander  Offline
UGN Member

Joined: Mar 2002
Posts: 270
Canada
Stopping Automated Attack Tools : An analysis of web-based application techniques capable of defending against current and future automated attack tools.

Quote:
An almost infinite array of automated tools exist to spider and mirror application content extract confidential material. brute force guess authentication credentials, discover code injection flaws, fuzz application variables for exploitable overflows, scan for common files or vulnerable CGI's, and generally attack or exploit web-based application flaws. While of great value to security professionals, the use of these tools by attackers represents a clear and present danger to all organisations.

These automated tools have become increasingly popular for attackers seeking to compromise the integrity of online applications, and are used during most phases of an attack. Whilst there are a number of defence techniques which, when incorporated into a web-based application, are capable of stopping even the latest generation of tools, unfortunately most organisations have failed to adopt them.
A good one to read if your into network security


Unless you try something to which you have not already succeeded ~ Then you shall NEVER grow
Sponsored Links
#40157 - 08/08/05 09:24 AM Re: Stopping Automated Attack Tools  
Joined: Jul 2005
Posts: 4
Hallowed Be Thy Name Offline
Junior Member
Hallowed Be Thy Name  Offline
Junior Member

Joined: Jul 2005
Posts: 4
N/A
Prime examples of what this article talks about is DoS and DDoS, and perhaps now to a lesser extent Smurfs. It seems now that most security corporations are now focusing on preventing attacks by increasing network security in perhaps a futile effort to eliminate or reduce the possible number of zombies/bots, but still this is a far cry from a full solution as there will allways be vunerable systems, and the ability to saturate lines or exhausting server memory.

Could a possible solution be to limit the frequency of packets under a certain size being sent on OS cleints, similar to flood control on web boards, these days with the size of most peoples lines small packets like that are rarely sent anyway, and most programs use far bigger or more complex packets ussaully. A real solution to DoS attacks is worth millions though.


Assuming 0 is an invalid socket handle value.
Uncontrollably lame.

Member Spotlight
Gremelin
Gremelin
Portland, OR; USA
Posts: 7,195
Joined: February 2002
Show All Member Profiles 
Forum Statistics
Forums45
Topics47,513
Posts82,683
Average Daily Posts8
Members2,159
Most Online1,567
Apr 25th, 2010
Latest Postings
Top Posters(All Time)
UGN Security 40,677
Gremelin 7,195
§intå× 3,255
SilentRage 1,273
Ice 1,146
pergesu 1,136
Infinite 1,041
jonconley 955
Girlie 908
unreal 860
Top Liked Users (All Time)
§intå× Likes: 1
Cold Sunn Likes: 1
Crime Likes: 1
Cyrez Likes: 1
Ghost Likes: 1
Gremelin Likes: 4
Ice Likes: 1
unreal Likes: 1
Top Liked Users (30 Days)
No Data Found
Powered by UBB.threads™ PHP Forum Software 7.6.0
(Snapshot build 20160902)