hjlbx

Good read and videos. Well worth watching each video carefully - once or more.

The 10 Most Common Application Attacks in Action

The application layer is the hardest to defend. The vulnerabilities encountered here often rely on complex user input scenarios that are hard to define with an intrusion detection signature. This layer is also the most accessible and the most exposed to the outside world. For the application to function, it must be accessible over Port 80 (HTTP) or Port 443 (HTTPS).

Sorry, but in most cases there is little the user (client-side) can do in such cases because these attacks are server-side.

The truly scary stuff isn't what you download to your system, but instead a hacked server that you visit and use.
 

_CyberGhosT_

@hjlbx
But aren't there firewalls or apps that monitor those ports?
I know they can't be shut or blocked due to necessity, but I thought these ports were able to be monitored by certain security apps?
PeAcE

EDIT: It's weird, the only discussions I found on securing or dealing with these ports date back to 2009.
I think also that Kaspersky IS does monitor these ports, correct me if I'm wrong.
 

hjlbx

You have to watch the videos. All the attacks are server-side = servers on which websites you use - like your bank - have been compromised. It isn't about the ports. It's all about a compromised server\website that collects your data.

In the data chain, servers are the weakest link. You can have a lock-tight, secure home system but still have all your most critical personal data stolen via a compromised server\website.
 

_CyberGhosT_

Ahhh, Ok
That makes more sense.
I didn't see the video, must be in that link.
Thanks hjlbx
 

hjlbx

You should take a closer look. Ransomware is cake-walk compared to having your identity stolen and then fully exploited. Home physical system protection should be the least of any user's worries... because it is quite easy to protect your home system. You cannot protect any other system to which you connect and use...
 

_CyberGhosT_

I agree, and better guidelines need to be implemented for those selling or hosting online.
This is the only area where I think the Government should mandate the guidelines and enforce them.
Otherwise nothing will change with the speed that's needed to protect users and services.
 

hjlbx

Government rules are far, far behind technology-created problems.

If you ask me, purchasing credit monitoring service is a far better investment than buying any security soft -- and even that isn't foolproof.
 

_CyberGhosT_

I understand you, but I mean in the long run, we need to move forward the technology to mitigate this kind of crap or we stay 5 steps behind, always playing catch up.