Sunday, January 24
Hello Readers !!
Generally Unix and Linux base system are suitable for this kind of attacks. And works on scripts . When the core operating system or application is installed, the manufacturers distribute sample files and scripts so that the owner of the system can better
These system works and can use the scripts to develop new applications. From a developer’s standpoint, this is extremely helpful. The most of the people think that Why to create our own when you can use someone else’s script and just build onto it? In one of my jobs, I programmed and developed source code. Being able to use sample source code as a template helped increase the development time tremendously.
One of the main areas where there are a lot of sample scripts is in web development. The earlier versions of Apache web server and some web browsers came with several scripts and most of them had vulnerabilities. Also, a lot of the new scripting tools that come with web browsers enable developers with minimal programming knowledge to develop applications in a relatively short period of time.
In these cases, the applications work, but what’s going on behind the scene is usually pretty scary from a security standpoint. There is usually a lot of extraneous code and poor error-checking, which create an open door for attackers. Active Server Pages (ASPs) are a perfect example. Much of the early development that occurred with ASPs left a lot of backdoors that attackers are exploiting. An example is the default web msite that ships with IIS. It has the remote admin tools available from the main page. These tools can be used by an attacker to compromise a system.
