Protecting Email Applications At Risk

7/9/04 @10:36 in Feature Stories by BJ Gillette
Tags: Security

How many applications exposed to the web are in danger of attack? According to Imperva’s study, most of them. The five most prevalent vulnerabilities:

Type of Attack	Apps at Risk
Cross-site scripting	79%
SQL injection	62%
Parameter changing	61%
Permissions exploiting	53%
Information collecting	37%

That’s not the worst of it. Imperva discovered that, upon retesting, 60% of the apps were still wide open, due to conflicting upgrades, wrong fixes, undone fixes or failed fixes.

E-mail servers are especially troublesome since, by nature, they jabber with the outside world around-the-clock… and they’re chock-full of the secrets bad guys crave. So what’s an admin to do?

Here’s a thought: Start by mounting an email gateway on your firewall’s DMZ. Then set your firewall to allow inbound SMTP only from the gateway. Your mail server’s risk of penetration will drop dramatically… along with those pesky spam and virus problems.

How easy was that?

Easy, Expert iPod Repair
FixedHere! Service-In-A-Box for iPod is the easiest way to get your sad or broken iPod singing again. »

Adware Apple Broadband Browsers Email Exchange Groupware Identity Theft IM Intellectual Property Linux Lotus Microsoft Misc. Mobile Open Source Operating Systems P2P Phishing Privacy Programming Scams Search Security Spam Spyware Viruses VOIP Vulnerabilities Wireless

Network Tools

Mail Server Profiler

DNS Lookup

IP Address Lookup

Whois Lookup

Ping

Global Virus Watch

News Sections

Feature Stories

NewsBytes

NewsWire

Recent Comments

Merchant Accounts on How To Filet Yet Another PayPal Phish
Lloyd Work on Comodo Anti-Virus: Savior or Devil In Disguise?
MuohioStudent on Does Windows Patch Without Permission?
registry cleaner on Combine 3 Free Tools for a Complete Windows Registry Fix
john.jones.name on State of E-Mail Authentication: SPF Dead, Others on Life Support
Joe Kayak on Cartridge World Bait and Switch?
Russell Wallace on It's The World's Best RSI Keyboard, And You Can't Buy It
Jennifer on Cartridge World Bait and Switch?
Sweeper on Is Everyone Running Naked With Wireless?
Dan on Cartridge World Bait and Switch?

No comments

Comments feed for this article

Name Email Website 5 + 1 =

Your comment

About Email Battles

Submit News

Contact Us

RSS Feed

BJ Gillette, Editor

NewsBytes
Chase trashes Circuit City customers
9/7/06 @15:06 | Comment
Vista for 100 bucks?
8/28/06 @15:05 | Comment
Dropped iPod Leads to Terror Alert
8/25/06 @15:04 | Comment
Intel Wi-Fi update ate my CPU cycles
8/24/06 @13:04 | Comment
Email Battles down for the count
8/23/06 @20:11 | Comment
Read more NewsBytes »
NewsWire
Log Buffer #71: a Carnival of the Vanities for DBAs
11/16/07 @13:05 | Comment
Zune 8-Gig Disassembled Live
11/16/07 @13:05 | Comment
Possible Hizbullah Mole Inside the FBI and CIA
11/16/07 @13:05 | Comment
US Mobile Operator Discounts for Developers, IT Pros and MSPP Partners
11/16/07 @13:04 | Comment
Computer Security Consultant Controlled 250,000 Compromised PCs
11/16/07 @13:04 | 1 comment
Read more from the NewsWire »

Other Resources
Addict3d / Broadband News / Center for Democracy and Technology / Comco, Inc. / Comco: 3480/3490/3490e Tape Drives / Comco: 3590/3590e Tape Drives / Comco: 9-Track Tape Drives / Computerworld Email News / Emarketer Daily / FixedKwik! / Fraud, Phishing and Financial Misdeeds / GameCube Repair / Google Spam News / hack in the box / Help Net Security / IBM Lotus: Ed Brill / IBM Lotus: The Power Of the Schwartz / iPod Repair / Martin McKeay / Microsoft: Peter de Haas / Microsoft: You Had Me At EHLO / MillerSmiles / NewsNow: Security / NewsNow: Spam / OpenDNS Blog / Playstation Repair / Securence / Service Provider Journal / Slashdot / Slyck / Spam Huntress / Spam Kings / Spam Newstrove / Spamblogging / SpamRoll / Spyware Confidential / Tape Drive Repair / Techdirt / TOASTEDspam / Virus.Org / Vmyths / War On Spam / Wi-Fi Networking News / Xbox Repair / Yahoo Spam News / ZDNet news / Zeropaid /

Copyright © 2009 2A Data, Inc. All rights reserved. Privacy policy.

Subscribe to feed