If I can see a person standing in front of a neighboring house inspecting the windows and the doors, should I call the police?
Maybe it is the air-condition technician looking for the best place to install a new air-condition unit, or maybe it is a robber doing reconnaissance and checking what is the easiest way to get into the house. It is hard to tell!
Now what if I can see a user sending requests to non-existing pages in my application?
Maybe these are broken links created mistakenly by that user, or maybe these are attack reconnaissance, pre-attack activity done by a malicious user. It is also hard to tell!
Continue reading on InfoSec Island - http://www.infosecisland.com/blogview/24626-How-to-Tell-a-Landscaper-From-a-Thief.html
No comments:
Post a Comment