From the course: Threat Modeling: Repudiation in Depth


Attacks via logs and response systems


- [Instructor] Attacks follow data. And sometimes that data flows through logs to attack analysis systems. Sometimes, attackers will send data that's designed to munge your log processing or display, login attempts that are designed to interfere with RegExp, HTML display, SQL statements or anything else. Login attempts for accepted, login attempts with 10,000 characters in them, login attempts that include attacks on the server, on the log processor or anything else. One tremendously important point is to be crisp and clear on what fields come from attackers, I mean users or attackers. (mumbling) I guess I mean either because I don't know how to distinguish in advance. A process name comes from a kernel so it's safe or not. If it's not clear why not, think about where process names come from on a traditional desktop or server operating system. The more exposed to the internet your system is, the more randomly…
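One way to keep track of which log fields come from users or attackers, shown as an added example that is not part of the course material: a login event writer that puts requester-supplied values in their own sub-object, bounds their length, and escapes them so one event is always one line. The field names, the 256-character cap and the sample inputs are assumptions made for illustration.

```python
import json

MAX_FIELD = 256  # assumed cap for any requester-supplied field


def bound(value: str, limit: int = MAX_FIELD) -> str:
    """Truncate an untrusted string, recording how much was dropped."""
    if len(value) <= limit:
        return value
    return value[:limit] + f"[+{len(value) - limit} chars]"


def login_event(ts: str, peer_ip: str, outcome: str,
                username: str, user_agent: str) -> str:
    """Build one JSON log line for a login attempt.

    ts, peer_ip and outcome are set by our own code. username and
    user_agent arrive in the request, so they live under "untrusted"
    and every consumer can see their provenance.
    """
    record = {
        "ts": ts,
        "event": "login",
        "outcome": outcome,
        "peer_ip": peer_ip,
        "untrusted": {
            "username": bound(username),
            "user_agent": bound(user_agent),
        },
    }
    # json.dumps (ensure_ascii=True by default) escapes CR, LF, ESC,
    # quotes, backslashes and non-ASCII, so a value cannot start a new
    # log line or break out of its field.
    line = json.dumps(record, sort_keys=True)
    # Re-encode HTML-significant characters as JSON \u escapes so a web
    # log viewer that forgets to encode output does not render markup.
    for ch in "<>&":
        line = line.replace(ch, f"\\u{ord(ch):04x}")
    return line


if __name__ == "__main__":
    # Constructed sample input: a username that tries to forge a second entry.
    forged = "admin\n2024-05-01T12:00:01Z login accepted user=root"
    print(login_event("2024-05-01T12:00:00Z", "203.0.113.7", "failed",
                      forged, "<script>alert(1)</script>"))
    print(login_event("2024-05-01T12:00:02Z", "203.0.113.7", "failed",
                      "A" * 10000, "curl/8.0"))
```

The escaping only protects the log line and its display; anything that later loads these values into SQL still needs parameterized queries.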
