
The “revolution” part of the “Internet revolution” slogan has not been around nearly as long as the Internet itself, whose lineage
dates back to the 1960s. While the beneficiaries of the revolution
are debatable, the amount of information that has been put “on the
Web” has obviously grown immensely. Today, anyone can post stories
about their cat, write insightful articles, chat on message boards, sell
widgets, sell used widgets, manage their collection of widgets, and
more. One of the common factors among these activities is the use of
web applications. Web applications may be static HTML files or complex,
dynamic, and database-driven web sites. In all cases, security is
paramount to maintaining the application’s integrity, privacy of its users,
confidentiality of its data, and uptime of its servers.
This chapter describes the techniques you can use to assess the
(in)security of your application. It steps through the major categories of
attacks employed by malicious Internet users. In some cases, the attack
may appear innocuous, such as gathering line numbers from error messages
or identifying all of the