ASP.NET is a double edged sword{1}


This article is about how exploit code was now being used to hack websites that use the Microsoft’s ASP.NET web development software.  It problem is identified as “CVE-2011-3414″ and was given out by the Chaos Communication Congress.  They describe the attack to be able to consume all of the web server’s cpu usage.”  This means that it would effectively slow down the process that are provided by the camp.  During the date of this article being written, a user called HybrisDiaster, said that they would give the code as open source and anyone or everyone should give it a try.  However, that is why Microsoft came out with an “out of band” patch, so that it may nullify the hack.  This gets complicated because since it will be open source, many people will find a way to use it.

I chose this article because in class we are talking about the robustness of ASP.NET and how it’s platform can change the the flow of how people go on a website.  The code is slightly different from CSS and HTML, however, it does make a great way to apply processes in a more efficient way.  I found this article very interesting because I am very interested on this Hacktivist group and what they’re purpose and that they even have a known motto.  Hopefully, there will be more stories about this group.

References
Constantin, L. (2012, January 10). Attack Code Published for Serious ASP.NET DoS Vulnerability. PC World. Retrieved May 20, 2012, from http://www.pcworld.com/businesscenter/article/247731/attack_code_published_for_serious_aspnet_dos_vulnerability.html