Sunday, March 29, 2009

Common Web application attack types

1. SQL Injection

a security vulnerability that occurs in the database layer of an application

2. Cross-Site Scripting

causes a user's Web browser to execute a malicious script

3. Web site defacement

occurs when a hacker breaks into a web server and alters the hosted website or creates one of his own

4. Buffer Overflow

hackers exploit buffer overflows by appending executable
instructions to the end of data and causing that code to be run after it has
entered memory

5. DoS (Denial of Service)

an assault on a network that floods it with so
many additional requests that regular traffic is either slowed or completely
interrupted

6. Password Cracking

the process of recovering secret passwords from data
that has been stored in or transmitted by a computer system, typically by
repeatedly verifying guesses for the password


To eliminate application security problems, developers have to
pay attention to security and code securely. In this paper we have
shown that ASP.NET, and now ASP.NET 2.0, integrates a number of defense
mechanisms that can be easily applied:
• Classes for SQL parameters that prevent SQL injection,
• Automatic checking for cross-site scripting (XSS) attacks, and
• Custom error pages and centralized exception handling.
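
The first mechanism in the list above, shown as an added example that is not from the original post: the same lookup built by string concatenation and with the ADO.NET SqlParameter classes. The Customers table, its columns and the sample input are hypothetical, and no connection is opened, so the program only prints what each command would send.

```csharp
using System;
using System.Data;
using System.Data.SqlClient;

static class ParameterizedQueryDemo
{
    // Unsafe: the input becomes part of the SQL text, so a quote
    // character inside it changes the structure of the statement.
    static SqlCommand BuildConcatenated(string lastName)
    {
        return new SqlCommand(
            "SELECT Id, Email FROM Customers WHERE LastName = '" + lastName + "'");
    }

    // Safe: the SQL text is a constant and the input travels separately
    // as a typed parameter value, so it is never parsed as SQL.
    static SqlCommand BuildParameterized(string lastName)
    {
        SqlCommand cmd = new SqlCommand(
            "SELECT Id, Email FROM Customers WHERE LastName = @lastName");
        cmd.Parameters.Add("@lastName", SqlDbType.NVarChar, 50).Value = lastName;
        return cmd;
    }

    static void Main()
    {
        // Constructed sample input: a legitimate name containing a quote.
        string input = "O'Brien";

        SqlCommand concatenated = BuildConcatenated(input);
        Console.WriteLine("Concatenated SQL text:");
        Console.WriteLine("  " + concatenated.CommandText);

        SqlCommand parameterized = BuildParameterized(input);
        Console.WriteLine("Parameterized SQL text:");
        Console.WriteLine("  " + parameterized.CommandText);
        foreach (SqlParameter p in parameterized.Parameters)
        {
            Console.WriteLine("  {0} ({1}, size {2}) = {3}",
                p.ParameterName, p.SqlDbType, p.Size, p.Value);
        }
    }
}
```

In an application the parameterized command is assigned a SqlConnection and run with ExecuteReader; the statement text stays the same for every input.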
