Firewall Wizards mailing list archives

Re: Application-level Attacks

From: Adam Shostack <adam () homeport org>
Date: Sat, 29 Jan 2005 14:28:39 -0500

On Sat, Jan 29, 2005 at 04:30:29AM -0500, Marcus J. Ranum wrote:
| Adam Shostack wrote:
| >I think that the "new" application layer attacks are things like sql
| >injection for data theft, phishing, etc.  I think perhaps business
| >layer attacks makes more sense as a name.
| 
| Those are "social engineering attacks"
| :)
| AKA "layer 8 attacks"
| AKA "user layer attacks"
| AKA "meat layer attacks"

SQL injection is a social engineering attack?  

| By the way, you DON'T want to see what a meat layer buffer overrun
| looks like....

But monsieur, it is just wafer-thin!

;)
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

Re: Application-level Attacks vbwilliams (Jan 28)
- Re: Application-level Attacks Adam Shostack (Jan 28)
  - Re: Application-level Attacks Marcus J. Ranum (Jan 29)
    - Re: Application-level Attacks Adam Shostack (Jan 30)
- Re: Application-level Attacks Marcus J. Ranum (Jan 29)
  - Re: Application-level Attacks Paul D. Robertson (Jan 29)
    - Re: Application-level Attacks Marcus J. Ranum (Jan 29)
    - Re: Application-level Attacks Paul D. Robertson (Jan 29)
    - Re: Application-level Attacks Marcus J. Ranum (Jan 29)
    - Re: Application-level Attacks M. Dodge Mumford (Jan 30)
    - Re: Application-level Attacks Marcus J. Ranum (Jan 30)
    - Re: Application-level Attacks Crispin Cowan (Jan 30)
    - Re: Application-level Attacks Stephen P. Berry (Jan 30)
  - Re: Application-level Attacks Crispin Cowan (Jan 30)

(Thread continues...)