Could you detect an application attack?

Buffer overflow attacks and how information security protocols affect application logging

1. Answer: b. Buffer overflow
"Buffer overflow attacks are said to have arisen because the C programming language supplied the framework and poor programming practices supplied the vulnerability."

To learn more about buffer overflows, review our glossary definition.

2. Answer: d. SNMP
"Simple Network Management Protocol (SNMP) is the protocol governing network management and the monitoring of network devices and their functions. It is not necessarily limited to TCP/IP networks."

To learn how information security protocols affect application logging, read our Threat Monitor tip, or listen to this tip on your iPod or other MP3 player.

3. Answer: d. It's difficult to start.
"Configuring application servers and logging infrastructure to support detailed logging of application layer events can provide you with critical information in the event of a security incident. Proactive monitoring will provide you with the ability to detect events in near real-time, while reactive monitoring will offer invaluable assistance to forensic investigators. It's not difficult to get started – as we discussed, you probably already have the basic infrastructure in place."

To learn about benefits of application logging, read our Threat Monitor tip, or listen to this tip on your iPod or other MP3 player.

4. Answer: c. Distributed denial-of-service attack
"On the Internet, a distributed denial-of-service (DDoS) attack is one in which a multitude of compromised systems attack a single target, thereby causing denial of service for users of the targeted system. The flood of incoming messages to the target system essentially forces it to shut down, thereby denying service to the system to legitimate users."

To learn how distributed denial-of-service attacks operate, review our glossary definition.

5. Answer: b. Clean and validate all user input.
Here are 11 rules that developers should follow during any Web application development cycle:

  1. Never trust user-supplied data
  2. Clean and validate all user input
  3. Validate data on the server
  4. Use taint checking or .NET validation controls
  5. Use POST instead of GET
  6. Avoid the use of HIDDEN form fields
  7. Only use cookies to store a session ID
  8. Locate different file types in separate directories
  9. Use absolute path and filenames
  10. Open files as read-only where possible
  11. Keep up to date on the latest attack methods

To receive tactics to improve the quality of Web applications, read this tip.
