Web Server Application Attacks

Introduction
There are more Web application vulnerabilities than one can even count, and they have become so widespread that most hacking sites have tools that you can download to search for, find, and exploit these vulnerabilities. This makes it very easy for even a rookie hacker to exploit these flaws. The three common Web application vulnerabilities and attacks are as follows: username enumeration, security misconfiguration, and SQL injection.

Three common Web application vulnerabilities and attacks
Username enumeration is my first common Web application vulnerability and/or attack. This type of attack relies on a backend validation script that helps an attacker determine if a username is correct or not. This vulnerability opens the door for an attacker, allowing them to test different usernames in order to locate valid ones. Attackers often use default usernames and passwords such as admin/admin, etc. Some mitigation strategies that can help minimize these types of attacks would be to limit the number of failed attempts that can be performed, as well as making sure default usernames and passwords are changed and never used in production systems. (Cobb, 2011)
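
The differing-response behaviour described above, next to a hardened handler that returns one generic message and limits failed attempts. This is an added example, not part of the original essay; the account store, function names, messages and the limit of 5 are assumptions made for illustration.

```python
import hashlib
import hmac
import os

def _hash(password, salt):
    # Slow, salted hash so stored passwords are never compared in clear text
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

# Constructed sample account store (assumption): username -> (salt, hash)
_SALT = os.urandom(16)
USERS = {"alice": (_SALT, _hash("correct horse", _SALT))}
# Random record checked when the username is unknown, so the same work is done
_DUMMY = (os.urandom(16), os.urandom(32))

MAX_FAILURES = 5   # assumed limit on consecutive failed attempts
failures = {}      # username -> failed attempts (bound this in a real system)

def login_vulnerable(username, password):
    """Distinct messages reveal which usernames exist."""
    if username not in USERS:
        return "Unknown username"
    salt, stored = USERS[username]
    if not hmac.compare_digest(_hash(password, salt), stored):
        return "Wrong password"
    return "OK"

def login_hardened(username, password):
    """One message and one code path for every failure, plus an attempt limit."""
    generic = "Invalid username or password"
    if failures.get(username, 0) >= MAX_FAILURES:
        return generic  # limit applies to known and unknown names alike
    salt, stored = USERS.get(username, _DUMMY)
    matches = hmac.compare_digest(_hash(password, salt), stored)
    if matches and username in USERS:
        failures.pop(username, None)  # reset the counter on success
        return "OK"
    failures[username] = failures.get(username, 0) + 1
    return generic
```
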
Security misconfiguration is my second common Web application vulnerability and/or attack. If a network infrastructure supports any type of Web applications running on such things as databases, firewalls, and servers, there is a definite need for them to be more securely configured and maintained. Some mitigation strategies might include a configuration with the minimal amount of privileges set and making sure that users are adequately trained. It may also be beneficial to perform some penetration tests to determine if the Web applications are securely configured and able to withsta...

... middle of paper ...

...law breakers. The more laws that the Federal Government creates to attempt to regulate the internet, the more attacks it will be exposed to. (O'Keefe, 2012)

Works Cited

Cobb, M. (2011). Five common web application vulnerabilities and how to avoid them. Retrieved on January 17, 2014, from http://searchsecurity.techtarget.com/tip/Five-common-Web-application-vulnerabilities-and-how-to-avoid-them

Kennedy, S. (2005). Common web application vulnerabilities. Retrieved on January 17, 2014, from http://www.isaca.org/Journal/Past-Issues/2005/Volume-4/Pages/Common-Web-Application-Vulnerabilities1.aspx

O'Keefe, E. (2012). How was the justice department web site attacked? Retrieved on January 17, 2014, from http://www.washingtonpost.com/blogs/federal-eye/post/how-was-the- justice%20department-web-site%20attacked/2012/01/19/gIQA6EGHDQ_blog.html?wpisrc=nl_fedinsider
