Comments on: 70% of websites at immediate risk of being hacked! http://blogs.windowsecurity.com/parker/2007/02/14/acunetix-press-release-2/ Within Don Parker's blog various computer network security issues are discussed. Find coverage on topics such as patch management techniques, reverse engineering, IDS and IPS evasion, anti-virus and firewall usage. Commentary on the top network security news stories and rumors in the blogsphere. Analysis of common security issues faced by Microsoft Windows users and information is shared to help train network security analysts. Wed, 7 Jan 2009 02:27:56 +0000 http://wordpress.org/?v=MU by: Ron Bertino http://blogs.windowsecurity.com/parker/2007/02/14/acunetix-press-release-2/#comment-13295 Wed, 28 Feb 2007 07:40:47 +0000 http://blogs.windowsecurity.com/parker/2007/02/14/acunetix-press-release-2/#comment-13295 Very intersting report. To be honest it doesn't surprise me though. Most people don't have a clue about how to protect systems from hackers. They think that all they need to do is buy an expensive firewall and all of their systems will be safe. Little do they realise that traditional layer 3 firewalls are useless in protecting a network from application layer attacks. It all starts with education, specifically with learning about how to hack. I don't understand how some people can call themselves security consultants if they don't know the first thing about hacking. How can you protect a network if you don't know your enemy? I would suggest starting by reading a book (which you'll find at Amazon) called Hacking Exposed. Very intersting report. To be honest it doesn’t surprise me though.

Most people don’t have a clue about how to protect systems from hackers.
They think that all they need to do is buy an expensive firewall and all of their systems will be safe. Little do they realise that traditional layer 3 firewalls are useless in protecting a network from application layer attacks.

It all starts with education, specifically with learning about how to hack. I don’t understand how some people can call themselves security consultants if they don’t know the first thing about hacking. How can you protect a network if you don’t know your enemy?

I would suggest starting by reading a book (which you’ll find at Amazon) called Hacking Exposed.

]]> by: Don Parker Blog » Blog Archive » Acunetix claim of 7/10 sites hackable challenged http://blogs.windowsecurity.com/parker/2007/02/14/acunetix-press-release-2/#comment-12054 Thu, 15 Feb 2007 15:07:50 +0000 http://blogs.windowsecurity.com/parker/2007/02/14/acunetix-press-release-2/#comment-12054 [...] It did not take long for the Acunetix press release claiming that 7 out of 10 websites could be hacked, to come under fire. This press release which has now turned into a story of its own, has even made it to Slashdot. While I am no web application security specialist I have seen an awful lot of sites that were seen to have exploitable conditions during the course of a vulnerability assessment. Statistics are often refuted, generally by those who don’t agree with them, but the fact remains that there is indeed a ton of websites out there which are insecure. [...] […] It did not take long for the Acunetix press release claiming that 7 out of 10 websites could be hacked, to come under fire. This press release which has now turned into a story of its own, has even made it to Slashdot. While I am no web application security specialist I have seen an awful lot of sites that were seen to have exploitable conditions during the course of a vulnerability assessment. Statistics are often refuted, generally by those who don’t agree with them, but the fact remains that there is indeed a ton of websites out there which are insecure. […]

]]>