Vulnerability Assessment of IPv6 Websites to SQL Injection and Other Application Level Attacks
| Autor: | Jen-Yi Pan, Ying-Chiang Cho |
|---|---|
| Rok vydání: | 2013 |
| Předmět: |
Article Subject
Computer science computer.internet_protocol lcsh:Medicine Computer security computer.software_genre lcsh:Technology General Biochemistry Genetics and Molecular Biology SQL injection lcsh:Science General Environmental Science Black box (phreaking) lcsh:T Address space business.industry lcsh:R General Medicine Application layer IPv4 IPv6 lcsh:Q The Internet business Web crawler computer Research Article |
| Zdroj: | The Scientific World Journal The Scientific World Journal, Vol 2013 (2013) |
| ISSN: | 1537-744X |
| Popis: | Given the proliferation of internet connected devices, IPv6 has been proposed to replace IPv4. Aside from providing a larger address space which can be assigned to internet enabled devices, it has been suggested that the IPv6 protocol offers increased security due to the fact that with the large number of addresses available, standard IP scanning attacks will no longer become feasible. However, given the interest in attacking organizations rather than individual devices, most initial points of entry onto an organization's network and their attendant devices are visible and reachable through web crawling techniques, and, therefore, attacks on the visible application layer may offer ways to compromise the overall network. In this evaluation, we provide a straightforward implementation of a web crawler in conjunction with a benign black box penetration testing system and analyze the ease at which SQL injection attacks can be carried out. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|
Plný text