For the past few days I have been looking into web security and the two most common attacks on a web application. Cross-site scripting and SQL injection still top the list at numbers 1 and 2 respectively. Both of these malicious attacks can open up servers and data to damage and/or the leakage of personal information.

Preventing these attacks is not as hard as one may think, but it is very easy to overlook many of the flaws in a web application's design. If you are a developer or just a hobbyist, you may want to take a look into these two issues and make sure that your site is not open to these types of attacks.

If you have any questions or just want to talk web security feel free to contact me at and I will see if I can answer them for you.

S1axter and I are going to be competing against each other in a contest to see who can make the most secure application. We have not yet defined the rules, but if you want to jump in and throw out some ideas, please post some comments. We are going to post the rules before we start the contest and then post the results afterwards, including the hacks that worked. Every site is different considering the style of the developer and the design of the application.

Here are some informative sites where you can find out more about these attacks and how to prevent them.

SQL Injection:

Cross-Site Scripting:

