Hack Proofing Your Web Applications

Potential Weaknesses in Java

No matter what type of security is implemented in the Java language, there will always be ways of attacking an application or applet. To combat against these weaknesses, it is up to the application designer to implement the security properly, with a lot of thought put into the design phase of development.

As a developer, you are probably interested in protecting users of your application from damage by your application. However, you are just as interested in securing your Java code from outside attacks. Many of these attacks are difficult to anticipate. A Denial of Service (DoS) attack is a broad area of attack that can affect any publicly available service. It doesn t even have to be computer-related! For example, 911 lines periodically experience denial of service from nuisance callers tying up the lines without any real emergency.

Another type of attack is the Trojan horse attack, where a piece of code is transported into a system usually by claiming to do something else and wreaking havoc. As a developer, this type of attack can only affect your application if the application can accept code from others. With new technologies such as RMI, the possibility of code insinuating itself on your server is a definite possibility, as we shall see.

DoS Attack/Degradation of Service Attacks

As discussed in Chapter 1, many high-profile cases of Denial of Service attacks (DoS) have been in the news, beginning in February of 2000. These attacks are usually instigated by pinging the Domain...

UNLIMITED FREE
ACCESS
TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Category: Network Security Services
Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.