ISSC 262 APUS Web Server Vulnerabilities Discussion Reply
Description
Having Trouble Meeting Your Deadline?
Get your assignment on ISSC 262 APUS Web Server Vulnerabilities Discussion Reply completed on time. avoid delay and – ORDER NOW
Write Peer Response:
Hello class,
The three web server vulnerabilities I saw were SQL Injection, Cross Site Scripting, and Insecure Direct Object References.
SQL Injection: This type of vulnerability allows an attacker to alter back end SQL statements through the manipulation of user supplied data. Because it tricks the interpreter, an attacker can make it execute unintended commands and access unauthorized data. Additionally, this type of attack can expose the back end database. The objects vulnerable to this type of attack are input fields and interacting URLs.
Cross Site Scripting: This attack, also known as XSS, targets scripts embedded in a page that are executed on the client side. This is possible when the application takes untrusted data and sends it to the web browser without proper validation. This enables the attacker to execute malicious scripts on the browser which can then hijack the session, or redirect the user to another malicious site.
Insecure Direct Object References: This type of attack happens when a developer exposes a reference to an internal implementation object in the URL or as a FORM parameter. The attacker can then use this information to access other objects which basically opens access to potentially unauthorized data. I personally have messed around with this (Not in a malitious way) by putting in common terms at the end of a URL such as /files or /admin. Its rare to find sites with this open, but the are out there. Another way is to use /robots.txt to see if they happen to have a URL directory on there.
-Rafael
Our website has a team of professional writers who can help you write any of your homework. They will write your papers from scratch. We also have a team of editors just to make sure all papers are of HIGH QUALITY & PLAGIARISM FREE. To make an Order you only need to click Order Now and we will direct you to our Order Page at Litessays. Then fill Our Order Form with all your assignment instructions. Select your deadline and pay for your paper. You will get it few hours before your set deadline.
Fill in all the assignment paper details that are required in the order form with the standard information being the page count, deadline, academic level and type of paper. It is advisable to have this information at hand so that you can quickly fill in the necessary information needed in the form for the essay writer to be immediately assigned to your writing project. Make payment for the custom essay order to enable us to assign a suitable writer to your order. Payments are made through Paypal on a secured billing page. Finally, sit back and relax.