Topic: A useful paper on web application security for punBB and PHP devs

Know your Enemy: Web Application Threats - Using Honeypots to learn about HTTP-based attacks

A recent paper by the Honeynet project that punBB and other PHP developers may find a good read.

From the precis:

"...This KYE paper focuses on application threats against common web applications. After reviewing the fundamentals of a typical attack, we will go on to describe the trends we have observed and to describe the research methods that we currently use to observe and monitor these threats. In Appendix A, we give actual examples of a bot (a variant of PERL/Shellbot), the Lupper worm and an attack against a web Content Management System (CMS) as examples that show how web application threats actually act and propagate."

Very useful.