Computer Security and Penetration Testing Chapter 15 Web Application Vulnerabilities.

Slides:



Advertisements
Similar presentations
Chapter 17: WEB COMPONENTS
Advertisements

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.
1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
Web Defacement Anh Nguyen May 6 th, Organization Introduction How Hackers Deface Web Pages Solutions to Web Defacement Conclusions 2.
System Security Scanning and Discovery Chapter 14.
Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.
Security+ Guide to Network Security Fundamentals
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
System and Network Security Practices COEN 351 E-Commerce Security.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.
How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.
Web server security Dr Jim Briggs WEBP security1.
Computer Security and Penetration Testing
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
Lesson 10 – SECURING YOUR NETWORK Security devices Internal security External security Viruses and other malicious software OVERVIEW.
COMPUTER TERMS PART 1. COOKIE A cookie is a small amount of data generated by a website and saved by your web browser. Its purpose is to remember information.
11 SUPPORTING INTERNET EXPLORER IN WINDOWS XP Chapter 11.
Directory and File Transfer Services Chapter 7. Learning Objectives Explain benefits offered by centralized enterprise directory services such as LDAP.
Internet Safety Basics Being responsible -- and safer -- online Visit age-appropriate sites Minimize chatting with strangers. Think critically about.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.
Securing Windows 7 Lesson 10. Objectives Understand authentication and authorization Configure password policies Secure Windows 7 using the Action Center.
Chapter 4: Security Baselines Security+ Guide to Network Security Fundamentals Second Edition.
1 Infrastructure Hardening. 2 Objectives Why hardening infrastructure is important? Hardening Operating Systems, Network and Applications.
Data Security.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
Networks and Security. Types of Attacks/Security Issues  Malware  Viruses  Worms  Trojan Horse  Rootkit  Phishing  Spyware  Denial of Service.
AIS, Passwords Should not be shared Should be changed by user Should be changed frequently and upon compromise (suspected unauthorized disclosure)
Detrick Robinson & Amris Treadwell.  Computer viruses- are pieces of programs that are purposely made up to infect your computer.  Examples: › Internet.
MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter Four Configuring Outlook and Outlook Web Access.
Csci5233 Computer Security1 Bishop: Chapter 27 System Security.
Chapter 13 – Network Security
XHTML Introductory1 Linking and Publishing Basic Web Pages Chapter 3.
JavaScript, Fourth Edition
IT security By Tilly Gerlack.
Software Security Testing Vinay Srinivasan cell:
11 SECURING YOUR NETWORK PERIMETER Chapter 10. Chapter 10: SECURING YOUR NETWORK PERIMETER2 CHAPTER OBJECTIVES  Establish secure topologies.  Secure.
| nectar.org.au NECTAR TRAINING Module 5 The Research Cloud Lifecycle.
Chapter 13 Users, Groups Profiles and Policies. Learning Objectives Understand Windows XP Professional user accounts Understand the different types of.
Chapter 9 How Do Users Share Computer Files?. What is a File Server A (central) computer which stores files which can be accessed by network users.
1 CHAPTER 3 CLASSES OF ATTACK. 2 Denial of Service (DoS) Takes place when availability to resource is intentionally blocked or degraded Takes place when.
IT internet security. The Internet The Internet - a physical collection of many networks worldwide which is referred to in two ways: The internet (lowercase.
1 Chapter Overview Password Protection Security Models Firewalls Security Protocols.
Network Security. 2 SECURITY REQUIREMENTS Privacy (Confidentiality) Data only be accessible by authorized parties Authenticity A host or service be able.
Computer Networking From LANs to WANs: Hardware, Software, and Security Chapter 13 FTP and Telnet.
Guide to MCSE , Second Edition, Enhanced1 The Windows XP Security Model User must logon with: Valid user ID Password User receives access token Access.
CIS 450 – Network Security Chapter 4 - Spoofing. Definition - To fool. In networking, the term is used to describe a variety of ways in which hardware.
Securing the Network Infrastructure. Firewalls Typically used to filter packets Designed to prevent malicious packets from entering the network or its.
Topic 5: Basic Security.
Vulnerability Scanning Vulnerability scanners are automated tools that scan hosts and networks for known vulnerabilities and weaknesses Credentialed vs.
Lesson 19-E-Commerce Security Needs. Overview Understand e-commerce services. Understand the importance of availability. Implement client-side security.
Chapter 12: How Private are Web Interactions?. Why we care? How much of your personal info was released to the Internet each time you view a Web page?
LESSON 5-2 Protecting Your Computer Lesson Contents Protecting Your Computer Best Practices for Securing Online and Network Transactions Measures for Securing.
Unit 2 Personal Cyber Security and Social Engineering Part 2.
Information Systems Design and Development Security Precautions Computing Science.
NETWORK SECURITY LAB 1170 REHAB ALFALLAJ CT1406. Introduction There are a number of technologies that exist for the sole purpose of ensuring that the.
11 SUPPORTING INTERNET EXPLORER IN WINDOWS XP Chapter 11.
Firewalls. Overview of Firewalls As the name implies, a firewall acts to provide secured access between two networks A firewall may be implemented as.
By: Brett Belin. Used to be only tackled by highly trained professionals As the internet grew, more and more people became familiar with securing a network.
Chapter 40 Internet Security.
How Do Users Share Computer Files?
Working at a Small-to-Medium Business or ISP – Chapter 8
Chapter 6 Application Hardening
Configuring Windows Firewall with Advanced Security
Secure Software Confidentiality Integrity Data Security Authentication
Telnet/SSH Connecting to Hosts Internet Technology.
Chapter 7 – and 8 pp 155 – 202 of Web security by Lincoln D. Stein
Designing IIS Security (IIS – Internet Information Service)
Test 3 review FTP & Cybersecurity
Presentation transcript:

Computer Security and Penetration Testing Chapter 15 Web Application Vulnerabilities

Computer Security and Penetration Testing2 Objectives Recognize Web server vulnerabilities Discuss ways to protect Web servers against vulnerabilities Pinpoint Web browser vulnerabilities Understand session ID exploits List several protective measures for Web browsers

Computer Security and Penetration Testing3 Web Application Vulnerabilities Internet is a collection of interconnected networks Users can access many different kinds of servers Most users are not aware of the sort of applications they are contacting The only time the average user is aware of a Web server is when she sees error messages –See Table 15-1

Computer Security and Penetration Testing4

5 Web Application Vulnerabilities (continued)

Computer Security and Penetration Testing6 Web Application Vulnerabilities (continued) Attacks to services include –Information that has been recorded on Web sites is vulnerable to duplication –FTP user and password can be guessed or hacked –Attackers can use the complexity of the site programming to their benefit –Sites can be hacked to insert destinations for phishing exploits –Intranets can be attacked to glean customer information –Files can be altered and removed

Computer Security and Penetration Testing7 Why the Web Is Vulnerable Internet protocols are essentially insecure Speed and transparency are the watchwords of today’s Internet –At the expense of better security Most Web users place a great deal of trust in the infrastructure of the Internet The general public seem to believe they have nothing to steal, so they have nothing to lose either

Computer Security and Penetration Testing8 Why the Web Is Vulnerable (continued) Weak Passwords –Users must supply authentication to get on the Internet at all –Choose a set of strong passwords Insecure Software Configuration –Microsoft server operating systems are shipped using an easy-to-implement, but unsecured, configuration –Majority of network traffic on the Web is not encrypted –Applications used on Web servers require very specialized knowledge to configure properly

Computer Security and Penetration Testing9 Why the Web Is Vulnerable (continued) Ease of Information Distribution –Internet is primarily an avenue for distributing information –Novel exploits and newly discovered vulnerabilities are widely known upon disclosure Increasingly Sophisticated Hacking Tools Available –Network security professionals and hackers alike develop and discover new tools And innovative methods of attacks that apply to new features of security systems and software

Computer Security and Penetration Testing10 Why the Web Is Vulnerable (continued) Increasingly Sophisticated Hacking Tools Available (continued) –Tools used to exploit Web vulnerability include: Network scanners Password-cracking tools Packet sniffers Trojan horse programs Tools for modifying system log files Tools for automatically modifying system configuration files

Computer Security and Penetration Testing11 Why the Web Is Vulnerable (continued) Access Increasing –An ever-increasing number of people are accessing the Internet every year –Fast access through cable or DSL is also increasing –Brings an increased number of people with access to and interest in the Internet for criminal endeavors

Computer Security and Penetration Testing12 Web Server Vulnerabilities Some of the most important Web server vulnerabilities –Insecure network –Unsecured hardware –Threats from insiders –Weaknesses in site administration tools –Weaknesses in application or protocol design –Weaknesses in operating system software

Computer Security and Penetration Testing13 Insecure Network When the network of an organization is not secure –No data transmission over the Internet or local area network (LAN) is secure Users who have access to the network –Can intercept messages over the network with the use of packet sniffers

Computer Security and Penetration Testing14 Unsecured Hardware If the Web server hardware is not securely protected from unauthorized physical access –No amount of software security can protect that server’s data

Computer Security and Penetration Testing15 Threats from Insiders Most effective computer crime originates within the organizations targeted Motives include boredom, idle curiosity, the challenge, revenge, or financial reward

Computer Security and Penetration Testing16 Weaknesses in Site Administration Tools Web sites are designed to be dynamic A server upon which Web sites are hosted is regularly monitored If you administer your server locally, it is simple to keep your administration tools secure The easier you make it for authorized users to access their sites –The easier it becomes for unauthorized users to access pieces of the Web server

Computer Security and Penetration Testing17 Weaknesses in Application or Protocol Design At the time that software is designed, security is often not of the highest priority This strategy typically produces software that presents unexpected vulnerabilities If a protocol has a fundamental design flaw, then it is vulnerable to various exploits, essentially forever

Computer Security and Penetration Testing18 Weaknesses in System Software All operating system software has vulnerabilities System software is very complicated –And intended to supply the base for all subsequent application layer and presentation layer software System software is the foundation upon which the software is laid The same issues of security as an afterthought apply to system software –As they do to application software

Computer Security and Penetration Testing19

Computer Security and Penetration Testing20 Weaknesses in System Software (continued) Coding Vulnerabilities –API abuse –Access control vulnerability –Authentication vulnerability –Code permission vulnerability –Code quality vulnerability –Cryptographic vulnerability –Environmental vulnerability –Error-handling vulnerability –General logic error vulnerability –Input validation vulnerability

Computer Security and Penetration Testing21 Weaknesses in System Software (continued) Implementation Vulnerabilities –Improper Web server access configuration –Administrative privileges –Default user accounts –Misconfigured file permissions

Computer Security and Penetration Testing22 Protection against Web Application Vulnerabilities This section describes protection methods for –The physical server –The network architecture –The operating system on that server –The Web server application

Computer Security and Penetration Testing23 Securing the Operating System and the Web Server Place your Web server in a demilitarized zone Demilitarized zone (DMZ) –A neutral zone between the private LAN and the public network of an organization –Designed to prevent external users from gaining direct access to any internal servers –Protects LAN from the possibility that your Web server will be hacked by some insider or some outsider

Computer Security and Penetration Testing24 Securing the Operating System and the Web Server (continued) Security measures –Check for all default configurations in the operating system and in the Web server –Dump any default user profiles –Shutdown or even uninstall any services that the server does not need to be running –Modify user groups to guarantee that authorized users have only as much access as they require –Shut down Telnet and anonymous FTP

Computer Security and Penetration Testing25 Securing the Operating System and the Web Server (continued) Security measures (continued) –Use encrypted services like secure shell (SSH) and authenticated FTP –Set your network firewall to ignore HTTP connections to all ports except HTTP and HTTPS ports –Automate OS patch updates so that patches are installed as soon as they are available

Computer Security and Penetration Testing26 Monitoring the Server for Suspicious Activity Measures –Learn what suspicious traffic looks like and monitor system logs for it –Install Snort on your server to search for signature attacks –Install some scripts to watch for attacks on the server –Use tools such as Tripwire, that can run unattended Maintain integrity of password files and registry entries –Set tools to send an to the server administrator or a page to her cell phone

Computer Security and Penetration Testing27 Controlling Access to Confidential Documents Measures –Limit the number of users having administrative or root-level access –Allow only secure shell encrypted remote administration Or authenticated user access through the GUI control panels –Always maintain Web page on a server on the intranet And make all changes to your Web pages from there

Computer Security and Penetration Testing28 Controlling Access to Confidential Documents (continued) Setting Up Remote Authoring and Administration Facilities –Allows you to monitor all user activity on your private development machine –And keep a record of Web server logs on a protected machine Frequently remove unnecessary files from the scripts directory –And remove default documents

Computer Security and Penetration Testing29 Protecting the Web Server on a LAN Prior to connecting the Web server to the Internet –Make certain it has been hardened –And cannot be used as a staging area to attack other computers on the network If the organization has several Web servers and they are maintained by different departments –Remove trust relationships that might exist between them

Computer Security and Penetration Testing30 Checking for Security Issues Periodically, scan Web server with tools such as Nmap or Nessus –To check for possible new vulnerabilities Add a software firewall such as Zone Alarm Pro to your Windows machine –Monitor unexpected activities

Computer Security and Penetration Testing31 Web Browser Vulnerabilities Client side issues are similar to the server side Physical tampering and operating system vulnerabilities do exist –For most users, the main focus is the Web browser The most common source of Web-browser exploits is physical tampering

Computer Security and Penetration Testing32 Cache File When a Web site is accessed –The browser receives files from the Web server that the browser interprets And presents the data to the best of its ability Everything accessed on the Internet is copied to a cache file If the file is available in the cache –The browser displays it in preference to displaying the file available on the server

Computer Security and Penetration Testing33 Cache File (continued) The information saved in the cache files, history file, or bookmarks on a browser –Might pose a threat if accessed by someone intending to gather information about the user If your browser supports HTML 3.0 extensions and Java, and you are not properly configured –Your history file, cache, and other files can be copied from your hard drive And directly uploaded to an attacker’s server by using Java, JavaScript, or ActiveX

Computer Security and Penetration Testing34 History File Allows you to view the pages you have visited in the last user-defined number of days Information regarding the forms you submit on a Web page is also included in the history file History file may include credit card details, user name, or password

Computer Security and Penetration Testing35

Computer Security and Penetration Testing36 Bookmarks Store information about Web pages you have visited –Bookmarks do not expire like history files If you bookmark a Web site that requires entering a password –You can save the username and password An attacker who can access your machine may be able to access your controlled-access sites

Computer Security and Penetration Testing37 Cookies Cookie –Small text file stored on a computer by Web servers –Contains information about the last session when you visited the site Cookies store followed link information and may store username and password information Cookies are stored on well known directories

Computer Security and Penetration Testing38 Cookies (continued) Two flavors of cookies –Session cookies Temporary cookies that are erased when you close your browser at the end of your session –Persistent cookies Remain on hard drive until erased or expired

Computer Security and Penetration Testing39

Computer Security and Penetration Testing40 Location of Web Files Cache Cache information is located in various directories –Depending on the operating system, the browser, and the version of the browser Cache information is typically stored in a subdirectory of the Web browser’s working directory Can change how often browser updates the cache

Computer Security and Penetration Testing41 Browser Information Whenever you log onto a Web site –Browser automatically sends information Logon credentials that are sent to a Web server may compromise the privacy of a computer One of the sites that can be used to acquire information from the Web browser is BrowserSpy

Computer Security and Penetration Testing42 Browser Information (continued) Every time a Web site is visited, the browser automatically sends the following data: –Host address –Web browser’s version –Web browser’s language –Files the Web browser accepts –Characters your Web browser accepts –Browser encoding –Username –HTTP port of the computer

Computer Security and Penetration Testing43 Browser Information (continued) The following information about a computer’s settings may be acquired if JavaScript is enabled: –JVM or Java plug-ins –FTP password –Current resolution –Maximum resolution –Version –Color depth –Platform –Anti-aliasing fonts

Computer Security and Penetration Testing44 Session ID Exploits Once establishing a connection with a server –A user provides authentication information Session ID is generated and then sent to the client –Shows that the user can communicate with the server until that session expires Based on the session ID, the client computer is given access to a variety of services on that server

Computer Security and Penetration Testing45 Session ID Exploits (continued) Sometimes, when sessions expire –Servers permit the same session ID to be used for the next session An attacker can use the same server behavior to access account details –By borrowing the session key and connecting to the server

Computer Security and Penetration Testing46 Web Browser Protection Precautions include –Disable the cache, or set its size to zero –Set browser to clear cache every time you close the browser Look into the file system to see if it is actually doing that –Set the History preference to save for 0 days or, even better, delete the file at the end of the session –Do not set vulnerable pages in your bookmarks –Do not save passwords or set the master password

Computer Security and Penetration Testing47 Web Browser Protection (continued) Precautions include (continued) –Clear cookies file to remove cookies, and make the cookie.txt file read only –Disable JavaScript support and cookies on your browser –Use Firefox browser –Set browser to accept only cookies from trusted sites and the originating Web site –Set Internet security to High, requiring all scripts to ask for permission to run

Computer Security and Penetration Testing48 Summary Protocols upon which the Internet rest are insecure Absence of a fundamentally secure infrastructure, coupled with constantly evolving user expectations, results in quick, easy, and inexpensive Web attacks Factors that lead to vulnerability of data and applications on the Web include weak passwords, and insecure software configuration Hundreds or thousands of Web server programs

Computer Security and Penetration Testing49 Summary (continued) Web server vulnerabilities include an insecure network, insecure hardware, threats from insiders, and weaknesses in site administration tools System software vulnerabilities can be divided into two categories: coding and implementation Several layers require protection in relation to Web services Actions to take for protecting Web servers include securing the operating system and Web server and monitoring the server for suspicious activity

Computer Security and Penetration Testing50 Summary (continued) Primary Web browser vulnerabilities include physical tampering, operating system vulnerabilities, and vulnerabilities inherent in the browser itself Hackers can learn a lot about individuals and organizations due to browser vulnerabilities A session ID serves as a key between a client computer and a server Actions to protect against various browser vulnerabilities include password-protect your screensaver, lock the screen when you are away from your computer, and disable the cache

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.