An example listing of components in an Applications environment:
application firewall
web server
application server
middleware servers
databases
web caches
stateful firewalls
routers
switches
Domain Servers
OTP servers
RSA secureID servers
PKI /TACACS/Radius servers-HIDS/HIPS
NIDS/NIPS
Syslog and log aggregation servers
Anti-Virus servers/appliances
Load Balancers/reverse proxies
Top network level threats include:
- Information gathering
- Sniffing
- Spoofing
- Session hijacking
- Denial of service
Top host level threats include:
- Viruses, Trojan horses, and worms
- Footprinting ( ping sweep, NETBIOS enumeration).
- Profiling
- Password cracking
- Denial of service
- Arbitrary code execution
- Unauthorized access
refer for notes http://www.ixiacom.com/pdfs/library/white_papers/SecurityOverviewWhitePaper.pdf
