|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Files upload security considerations
From: Alexander Berezhnoy (alexander.berezhnoy
gmail.com)
Date: Thu Nov 09 2006 - 03:12:52 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi!
Recently we have got a new requirement for our system which consists
in allowing customers to send us their scanned documents. In this
connexion, I want to find an information about corresponding security
considerations with.
Namely,
- Ways of file delivery (HTTP POST, FTP, e-mail)
- Main risks
- Mitigations
- Formats (JPG, GIF, PDF)
- Signatures
- Known and historic vulnerabilities
We use Weblogic and Struts.
I realize, that there is not enough information to make any decision,
but, at least, there sould be some common considerations and "best
practices".
Thanks in advance,
Alexander.
-------------------------------------------------------------------------
Sponsored by: Watchfire
It's been reported that 75% of websites are vulnerable to attack. That's
because hackers know to exploit weaknesses in web applications.
Traditional approaches to securing these assets no longer apply.
Download the "Addressing Challenges in Application Security" whitepaper
today, and see for yourself.
https://www.watchfire.com/securearea/whitepapers.aspx?id=701500000008YTU
--------------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]