As security threats multiply and proliferate, so seemingly do the number and style of firewalls 
designed to thwart them. At Network Computing, we most recently took a closer look at Web Application Firewalls, which pick up where classic network firewalls leave off. While a network firewall keeps out intruders, a Web application firewalls protects the application layr from attacks, using deep-packet inspection to guard against SQL injection, session hijacking, cross-site scripting, buffer overflows and other threats.
What kinds of threats are we talking about? Consider:
- An attacker could enter an extremely long URL to try and create a buffer overflow.
- A cross-site scripting attack could attempt to capture legitimate user session information.
- Another style of attack involves modifying session cookie values to try and impersonate a user, thus gaining access to personal information.
- Database-driven sites are vulnerable to SQL injection attacks, where an attacker tries to guess how the application works internally, then enters SQL code into a form field to gain access to the underlying database. Security Pipeline | The Right Firewall for the Job
From around the Web
- Windows Vista Service Pack 2 Latest Release Schedule
- Vista SP2: What is inside?
- NetWitness releases free version of security software
- Three Reasons Why Users Won’t Buy Into Security
- Automated security testing & its limitations
- Google Wants to Preinstall Chrome Browser on PCs
- Mozilla warns of Firefox China add on
- Firefox No Longer an Automatic Defense Against Browser Drive Bys
- Google patches Chrome file stealing bug
- Apple plays catch up, adds anti fraud safeguard to Safari
- Researchers find vulnerability in Windows Vista
- How to Use Network Behavior Analysis Tools
- The insider security threat in IT and financial services
- Windows 7 security: An overall improvement?
- Windows 7 UAC could be less of a nag
0 comments for this entry ↓
There are no comments yet for this entry.
You must log in to post a comment.