Risk Management – Terminology

Views: 20Risk Avoidance Risk Acceptance Risk Reduction Basic Terminology Threat A threat is a potential harm or danger to an individual, organisation, or system. Threats can be classified into three main categories: human-made, technical, or natural. Human-made threats: These threats are caused by human activities or interventions. Examples include: As can be seen, human-made threats are not limited to … Read more

Suricata rules to detect Web application attacks

Views: 208Here are some examples of Suricata rules that can be used to detect web application attacks: 1. SQL Injection: 2. Cross-Site Scripting (XSS): 3. Remote File Inclusion (RFI): 4. Local File Inclusion (LFI): 5. Command Injection: 6. Server-Side Request Forgery (SSRF): These are just a few examples, and you can modify or create additional … Read more

DNS Tunneling attacks

Views: 24DNS tunneling is a technique used by attackers to bypass network security measures and exfiltrate data from a targeted network. It involves encapsulating unauthorized data within DNS (Domain Name System) queries or responses, allowing the attacker to transmit information through DNS channels. Here is a simplified diagram illustrating the DNS tunneling attack: Here’s an … Read more