Firewall Wizards mailing list archives

Re: Application-level Attacks

From: vbwilliams () neb rr com
Date: Fri, 28 Jan 2005 11:07:46 -0600

Point to data?  Watch the news every time a Microsoft vulnerability comes out and an active exploit is created for it.  
I don't know why a person would need any other *proof* of application-level attacks.  Isn't DCOM an application/process 
that runs on a Windows box to handle a certain task/event/procedure?  Blaster = application-level exploit/attack that 
was pretty darn effective in exploiting DCOM.

I would argue that pretty much any exploit in the last 5 years is going to have a 95% chance of being 
application-level, DDoS/pings of death aside.

On Thu, Jan 27, 2005 at 06:56:58PM -0800, Crispin Cowan wrote:
| Shimon Silberschlag wrote:
| 
| >Today, when attacks are shifting towards using the already open 
ports 
| >on the firewall, at the application level,
| 
| It is often said that contemporary attacks are migrating to 
| application-level attacks. Can someone point me to data backing 
this claim?


_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

Re: Application-level Attacks vbwilliams (Jan 28)
- Re: Application-level Attacks Adam Shostack (Jan 28)
  - Re: Application-level Attacks Marcus J. Ranum (Jan 29)
    - Re: Application-level Attacks Adam Shostack (Jan 30)
- Re: Application-level Attacks Marcus J. Ranum (Jan 29)
  - Re: Application-level Attacks Paul D. Robertson (Jan 29)
    - Re: Application-level Attacks Marcus J. Ranum (Jan 29)
    - Re: Application-level Attacks Paul D. Robertson (Jan 29)
    - Re: Application-level Attacks Marcus J. Ranum (Jan 29)
    - Re: Application-level Attacks M. Dodge Mumford (Jan 30)
    - Re: Application-level Attacks Marcus J. Ranum (Jan 30)

(Thread continues...)