Poor Man's Digital Forensics
Michal Špaček
Lead Web Developer
Slevomat.cz
www.michalspacek.cz @spazef0rze
Web Developers

http://example.com/products

I'm a web developer. I've been a web developer since, like, 2000. Web developers, you know, build web applications; web
applications run on the Internet and use addresses just like the one above.

So Web Developers

http://example.com/product?id=123

The better of us also build web applications with addresses looking like this one. Such a web application displays a lot of
useful details about a product, or whatever information the developer of the application wants it to display.

Wow, Web Developers

http://example.com/product?id='+UNION+SELECT+1,2,3,4+#
SQL Injection Attack

The best of us web developers build applications which display a lot of useful details, and also whatever the bad guy
wants the application to display. This is called an SQL Injection Attack; it has been responsible for some major information
leaks in the last few years and is caused by the developer not properly handling user input. Unfortunately, it is pretty common.
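The defect the slide describes, a query built by pasting the `id` parameter straight into the SQL text, shown next to the parameterised fix. This is an added example, not code from the talk. It runs on an in-memory SQLite database so it works offline; the table, rows and function names are made up here, and because SQLite's line comment is `--` rather than MySQL's `#`, the trailing comment of the slide's payload is written that way.

```python
"""String-built query (vulnerable) next to a bound-parameter query (fixed), on SQLite."""
import sqlite3

# The slide's payload, with SQLite's "--" line comment in place of MySQL's "#".
PAYLOAD = "' UNION SELECT 1,2,3,4 -- "


def make_db():
    """Constructed sample data: a four-column product table so the UNION lines up."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE product (id INTEGER, name TEXT, price REAL, sku TEXT)")
    conn.executemany(
        "INSERT INTO product VALUES (?, ?, ?, ?)",
        [(123, "Espresso machine", 249.0, "EM-123"), (124, "Grinder", 89.0, "GR-124")],
    )
    return conn


def product_vulnerable(conn, product_id):
    """Vulnerable: the request parameter becomes part of the SQL text.

    The quote in the payload closes the string literal, and everything after it is
    parsed as SQL, so the page shows rows the attacker chose (here the constants 1,2,3,4).
    """
    sql = "SELECT id, name, price, sku FROM product WHERE id = '%s'" % product_id
    return conn.execute(sql).fetchall()


def product_safe(conn, product_id):
    """Fixed: the value travels as a bound parameter and is never parsed as SQL.

    The same payload is now just a string compared against the id column; no row
    matches it and nothing is appended to the query.
    """
    sql = "SELECT id, name, price, sku FROM product WHERE id = ?"
    return conn.execute(sql, (product_id,)).fetchall()


if __name__ == "__main__":
    db = make_db()
    for label, fn in (("vulnerable", product_vulnerable), ("safe", product_safe)):
        print(label, "id=123 ->", fn(db, "123"))
        print(label, "payload ->", fn(db, PAYLOAD))
```

Binding the parameter is the fix; validating that `id` is an integer before it reaches the query is a cheap second line of defence, but it does not replace the first.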

Many Web Developers
http://example.com/products
http://example.com/product?id=123
http://example.com/product?
id='+UNION+SELECT+1,2,3,4+#

So we are web developers, building web applications. The applications are different, of course, but there's one thing that
makes them all the same, at least from one particular point of view: they are viewed from web browsers making requests
to web servers. And guess what…

All the Internet WEB SERVERS are writing access LOGS!

Yes! Exactly. Whenever there's a request coming from a browser, no matter what information ends up being sent back to it, the
requested address is written down to the server access log. So later you can see what your users were looking for, if needed.

All the Internet YOUR WEB APPLICATION should be writing application LOGS!

Just like the web server, your application can also write log files. These files should contain more information and debugging
data, because your application knows much more about the request than the server does: it knows a lot about the user making the
request, what they want to buy, and what the result of charging their payment instrument was.

Many Logs
● Disk space
● Logger performance
● Somebody has to read logs

Of course, logging is not easy. It's hard because logs take space, and once your log files are too big there's no room left for
other data on the server and the server stops serving requests. The server also has to perform well, because it simply has more
things to do, and your hard drives need to perform well too. And the hardest part about logging is that somebody has to read the logs.

Be a Digital Forensics Guy
Search the logs for SELECT

BUT! If you have logs, you can be a digital forensics guy too! No, not the pro kind, but good enough to detect a breach or data
leak. Just search the logs for some keywords; you may get some false positives, but you may also spot something.
Remember the SQL Injection Attack example? But please, don't modify the logs: the pros need them in their original state.
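A small scanner for the "search the logs for SELECT" idea above, added here as an example; it is not part of the talk. It assumes the Apache/nginx combined log format (adjust the regex for a custom LogFormat), URL-decodes each request target before matching, because the payload arrives percent-encoded and a raw grep for SELECT can miss it, keeps the bare keyword as a low-confidence check so the false positives the talk mentions stay visible, and only ever opens the log read-only. The sample log lines are constructed.

```python
"""Scan web server access logs for SQL injection traces without modifying them."""
import re
from urllib.parse import unquote_plus

# Apache/nginx "combined" log format (assumed; adjust for a custom LogFormat).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+'
)

# Signatures run against the URL-decoded request target: (name, confidence, regex).
# The bare keyword is exactly the noisy "search for SELECT" from the talk; it is kept
# at low confidence because it also fires on legitimate requests (a product search for
# the word "select", say). The other two need the quote or keyword sequence an
# injection actually produces.
SIGNATURES = (
    ("union-select", "high", re.compile(r"\bunion\b(\s+all)?\s+select\b", re.I)),
    ("quote-then-comment", "medium", re.compile(r"'.*?(--|#|/\*)")),
    ("select-keyword", "low", re.compile(r"\bselect\b", re.I)),
)
_ORDER = {"low": 0, "medium": 1, "high": 2}


def parse_line(line):
    """Return the fields of one combined-format line, or None if it does not parse."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def scan_lines(lines):
    """Return one finding per line that trips at least one signature.

    A finding records the line number, client IP, timestamp, status, the decoded
    request target, the signatures that matched and the highest confidence among them.
    """
    findings = []
    for number, line in enumerate(lines, start=1):
        fields = parse_line(line.rstrip("\n"))
        if fields is None:
            continue  # unparseable line: skip it, never rewrite it
        decoded = unquote_plus(fields["target"])  # %27 -> ', + -> space, %23 -> #
        hits = [name for name, _, rx in SIGNATURES if rx.search(decoded)]
        if not hits:
            continue
        best = max((c for n, c, _ in SIGNATURES if n in hits), key=_ORDER.get)
        findings.append({
            "line": number, "ip": fields["ip"], "time": fields["time"],
            "status": fields["status"], "target": decoded,
            "signatures": hits, "confidence": best,
        })
    return findings


def scan_file(path):
    """Scan a log file opened read-only; the log itself is never written to."""
    with open(path, "r", encoding="utf-8", errors="replace") as fh:
        return scan_lines(fh)


# Constructed sample log: two ordinary requests, the slide's payload encoded the two
# ways a browser or tool would send it, a benign "select" that only trips the
# low-confidence keyword, and one line that does not parse at all.
SAMPLE_LOG = [
    '203.0.113.5 - - [12/Oct/2013:10:00:01 +0200] "GET /products HTTP/1.1" 200 5120',
    '203.0.113.5 - - [12/Oct/2013:10:00:04 +0200] "GET /product?id=123 HTTP/1.1" 200 2048',
    '198.51.100.7 - - [12/Oct/2013:10:02:17 +0200] "GET /product?id=%27+UNION+SELECT+1,2,3,4+%23 HTTP/1.1" 200 2301',
    '198.51.100.7 - - [12/Oct/2013:10:02:19 +0200] "GET /product?id=%27%20UNION%20SELECT%201,2,3,4%20%23 HTTP/1.1" 500 712',
    '203.0.113.9 - - [12/Oct/2013:10:03:40 +0200] "GET /search?q=select+your+size HTTP/1.1" 200 3300',
    'garbage line that does not parse',
]

if __name__ == "__main__":
    for f in scan_lines(SAMPLE_LOG):
        print(f"line {f['line']:>3} {f['confidence']:<6} {f['ip']:<14} "
              f"{', '.join(f['signatures'])}: {f['target']}")
```

Run it against a real file with `scan_file("/path/to/access.log")`; a 500 status next to a high-confidence hit is the line to look at first, and a single client IP tripping the signatures repeatedly is the pattern a pro will want the untouched log for.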

Michal Špaček says
Write logs
Read logs
Before it's too late

Here's my advice: write the logs, and read them as well. A lot of companies don't know their data has leaked until they read
about it on TechCrunch or Slashdot. That is far too late. Do something so that you're the first one to know that something went
wrong. The second one, actually; the first one is always the guy making away with your data.

Slack Application Development 101 Slides
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 

Web Server Application Logs LTEC2013

  • 1. Poor Man's Digital Forensics. Michal Špaček, Lead Web Developer, Slevomat.cz. www.michalspacek.cz @spazef0rze
  • 2. Web Developers. http://example.com/products I'm a web developer. I've been a web developer since, like, 2000. Web developers, you know, build web applications, and web applications run on the Internet and use addresses just like this one above.
  • 3. So Web Developers. http://example.com/product?id=123 The better of us also build web applications with addresses looking like this one. Such a web application displays a lot of useful details about a product, or whatever info the developer of the application wants it to display.
  • 4. Wow, Web Developers. http://example.com/product?id='+UNION+SELECT+1,2,3,4+# SQL Injection Attack. The best of us web developers build applications which display a lot of useful details and also whatever the bad guy wants the application to display. This is called the SQL Injection Attack; it is responsible for some major information leaks in the last few years and is caused by the developer not properly handling user input. It is pretty common, unfortunately.
  • 5. Many Web Developers. http://example.com/products http://example.com/product?id=123 http://example.com/product?id='+UNION+SELECT+1,2,3,4+# So we are web developers, building web applications. The applications are different, of course, but there's one thing making them all the same, at least from one particular point of view. The applications are viewed from web browsers making requests to web servers. And guess what…
  • 6. All the Internet. WEB SERVERS are writing access LOGS! Yes! Exactly. Whenever there's a request coming from a browser, no matter what information ends up being sent back to it, the requested address is written down to the server access log. So later you can see what your users are looking for, if needed.
  • 7. All the Internet. YOUR WEB APPLICATION should be writing application LOGS! Just like the web server, your application can also write log files. These files should contain more information and debugging data, because your application knows much more about the request than the server does. It knows a lot about the user making the request, what they want to buy, and what the result of charging their payment instrument was.
  • 8. Many Logs. ● Disk space ● Logger performance ● Somebody has to read logs. Of course, logging is not easy. It's hard because logs take space, and once your log files are too big there's no more room for other data on the server and the server stops serving requests. The server has to perform well because it simply has more things to do. Your hard drives need to perform well too. And the hardest part about logging is that somebody has to read the logs.
  • 9. Be a Digital Forensics Guy. Search the logs for SELECT. BUT! If you have logs, you can be a digital forensics guy, too! No, not the pro one, but good enough to detect a breach or data leak. Just search the logs for some keywords, and while you may get some false positives, you may also spot something. Remember the SQL Injection Attack example? But please, don't modify the logs; the pros need them in their original state.
  • 10. Michal Špaček says: Write logs. Read logs. Before it's too late. Here's my advice. Write the logs. Read them as well. A lot of companies don't know they had their data leaked until they read it on TechCrunch or Slashdot. That is well too late. Do something so that you're the first one to know that something went wrong. The second one, actually. The first one is always the guy making it away with your data.
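The "search the logs for SELECT" idea from slide 9, as an added example that is not part of the original talk: a small Python scanner over constructed combined-format access log lines. It URL-decodes each request target before matching (the slide's payload arrives as `'+UNION+SELECT+...`, other probes as `%20union%20select`), opens the file read-only so the originals stay untouched, and reports the line number, client address and status for each hit.

```python
import re
from urllib.parse import unquote_plus

# Constructed sample lines in combined log format; not real traffic.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Oct/2013:13:55:36 +0200] "GET /products HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.5 - - [10/Oct/2013:13:55:40 +0200] "GET /product?id=123 HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Oct/2013:13:56:01 +0200] "GET /product?id='+UNION+SELECT+1,2,3,4+%23 HTTP/1.1" 500 312 "-" "curl/7.29"
198.51.100.7 - - [10/Oct/2013:13:56:09 +0200] "GET /product?id=1%20union%20all%20select%20null HTTP/1.1" 200 2048 "-" "curl/7.29"
203.0.113.9 - - [10/Oct/2013:13:57:00 +0200] "GET /search?q=select+your+size HTTP/1.1" 200 900 "-" "Mozilla/5.0"
"""

# Client address, timestamp, method, request target and status from a combined-format line.
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
# Keyword shapes that rarely appear in legitimate URLs; a bare "select" alone is too noisy.
SQLI_RE = re.compile(r"\b(union\s+(all\s+)?select|select\s+.+\s+from|information_schema)\b", re.I)


def decode_target(target, rounds=3):
    """Peel URL encoding a few times so %2520-style double encoding does not hide a keyword."""
    decoded = target
    for _ in range(rounds):
        new = unquote_plus(decoded)
        if new == decoded:
            break
        decoded = new
    return decoded


def scan_access_log(text):
    """Return one dict per suspicious request found in the given log text."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), 1):
        m = REQUEST_RE.match(line)
        if not m:
            continue  # unparsable line: skip, never rewrite
        target = decode_target(m.group("target"))
        if SQLI_RE.search(target):
            hits.append({"line": lineno, "ip": m.group("ip"),
                         "status": int(m.group("status")), "target": target})
    return hits


def scan_file(path):
    """Read-only scan of a real access log; the file is never opened for writing."""
    with open(path, "r", encoding="utf-8", errors="replace") as fh:
        return scan_access_log(fh.read())


if __name__ == "__main__":
    for hit in scan_access_log(SAMPLE_LOG):
        print(f"line {hit['line']}: {hit['ip']} -> {hit['status']} {hit['target']}")
```

The last sample line shows the false positive the slide warns about being filtered out: a product search for "select your size" contains the keyword but not a SQL shape.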