Posts Tagged ‘Webserver’

Microsoft release the Web Application Configuration Analyzer 2.0

Web Application Configuration Analyzer (WACA) is a tool that scans a server against a set of best practices recommended for pre-production and production servers. The list of best practices is derived from the Microsoft Information Security & Risk Management Deployment Review Standards used internally at Microsoft to harden production and pre-production environments for line of [...]

Share

Two New HTTP POST Attack Tools Released

During 2010 OWASP Application Security Conference at Washington, researchers demonstrated how it is possible to conduct a new form of distributed denial of service “that floods the web server with a slow HTTP traffic. Currently there is two free utility that may perform this attack d “R U Dead Yet?” and OWASP HTTP POST Tool [...]

Share

Detecting & Bypassing Web Application Firewalls (part 2)

There is no single ideal system in the world, and this applies to Web application firewalls too (WAF’s). While the advantages and positive features far outweigh the negative in WAF’s, one major problem is there are only a few action rules allowed. The white list is expanding, and requires more development efforts because it is [...]

Share

Detecting & Bypassing Web Application Firewalls (part 1)

When we hear the term firewall, most people think of the network filtering solution. But have you heard about the web application firewall (WAF)? Web applications have some serious vulnerabilities, and WAF provides a very important extra protection layer to the web solution. Hackers can find access points through errors in code, and we find [...]

Share

Apache Website Owned!

Apache Software Foundation website was down last Friday after hackers compromised SSH key to one of their main servers. Secure Shell is a very popular technology that can provides a secure servers remote administration, well if the hackers manage to upload a rootkit or Trojan over the download package of apache website, this can cause [...]

Share