| home / reviews / web_attacks_apache |
|
|
|
We will be covering the following classes of attack:
|
|
The format of the sections is as follows.
Definition
This will provide detailed information as to the scope of the attack and what factors may be involved for an attacker to attempt to exploit a specific vulnerability.
Example
This section will provide some examples of how an attack may work, including possible example code of either an attack script or vulnerable program.
Apache Countermeasures
This section provides example mitigation options utilizing Apache capabilities, and associated modules. The countermeasure sections of this document are not official WASC-supported recommendations. For the initial release of the Threat Classification, it was decided to omit the mitigations section due to the multitude of possible solutions based on the technologies being used. Because we are focusing on Apache as our application of choice, I thought that I would put much of this data back in, with some updates. The recommendations presented are based on my own experiences and lessons learned while teaching the Web Intrusion Detection and Prevention with Apache class for the SANS Institute.
References
This section lists links to further information on the subject.
| home / reviews / web_attacks_apache |
Legal Notices, Licensing, Permissions, Privacy Policy.
Advertise | Newsletters | Shopping | E-mail Offers | Freelance Jobs 
URL:
