WebApp Sec: Re: Top Ten Web App Sec Problems

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

WebApp Sec mailing list archives

Re: Top Ten Web App Sec Problems

From: bt () munky seifried org
Date: Sat, 30 Nov 2002 17:42:23 -0700 (MST)

Deploying servers to support applications (be they front end web, mid 
tier, back end database, etc.) with default configurations and uneeded 
items such as example and test scripts, debugging information enabled 
(i.e. informational error messages). You need to secure the infrastructure 
as well as the web application, this can be a real pain when vendors 
refuse to support recent service pack levels for IIS/etc.

-Kurt

By Date By Thread

Current thread:

Top Ten Web App Sec Problems Mark Curphey (Nov 30)
- Re: Top Ten Web App Sec Problems zeno (Nov 30)
  - Re: Top Ten Web App Sec Problems Mark Curphey (Nov 30)
    - Re: Top Ten Web App Sec Problems Matt Curtin (Nov 30)
    - Re: Top Ten Web App Sec Problems bt (Nov 30)
    - Re: Top Ten Web App Sec Problems Alex Russell (Dec 02)
    - Re: Top Ten Web App Sec Problems Andrew Jaquith (Dec 02)
    - Re: Top Ten Web App Sec Problems Alex Russell (Dec 02)
- <Possible follow-ups>
- FW: Top Ten Web App Sec Problems Keith T. Morgan (Dec 02)
- Re: Top Ten Web App Sec Problems Steven M. Christey (Dec 02)