Daffodil International University

IT Help Desk => Server Management => Security => Topic started by: imranmahmud on July 17, 2013, 09:26:40 PM

Title: Web threat models
Post by: imranmahmud on July 17, 2013, 09:26:40 PM

Web attacker
Control attacker.com
Can obtain SSL/TLS certificate for attacker.com ($0)
User visits attacker.com

Network attacker
Passive: Wireless eavesdropper
Active: Evil router, DNS poisoning

Malware attacker
Attacker escapes browser sandbox

Title: Re: Web threat models
Post by: jabedmorshed on October 09, 2014, 05:59:07 PM

Good to kn ow.