Free Essay

Web Server Application Attacks

In:

Submitted By chenequa78
Words 1230
Pages 5
Web Server Application Attacks

April 15, 2015

Strayer University
Spring 2015

Web Server Application Attacks

Increasingly the world is becoming more and more dependent upon technology. With this dependency comes responsibility. In order to assure a company’s success, web security is a key element and has to be taken seriously; it should be at the top of the list when it comes to a company’s priorities. It is better for a company to employ an IT security policy that is more proactive than reactive. Hackers and attackers are constantly developing ways to penetrate infrastructures and there are several web server application vulnerabilities that companies should become familiar with. This document will discuss three common vulnerabilities and attacks; broken authentication, security misconfiguration, and sensitive date exposure. Mitigation strategies will also be discussed.
Broken authentication involves the threat of an attacker stealing critical information such as passwords or other account information. The attacker is then able to pose as the compromised user, acting as if they are them. In most cases, the attacker targets privileged accounts. The impact to the company is as great at the value of the information that was stolen.
According to an article on the website Liquid Web “protecting your application from session ID exploits requires a strong set of authentication and session management controls, secure communication and credential storage. In addition, services like Brute Force Detection (BFD) watch your log files for failed login attempts and will blog IP addresses that have several in a short period of time.”
The picture below shows a simple design of an infrastructure set up to protect web servers from attackers with the use of firewalls adding additional layers of protection making it more difficult for to access the operational server. Figure 1: Diagram of DOS Architecture

Kalman identifies a few pitfalls that can attribute to broken authentication;
1. The URL might contain the session id and leak it in the referer header to someone else.
2. The passwords might not be encrypted either in storage or transit.
3. The session ids might be predictable, thus gaining access is trivial.
4. Session fixation might be possible.” (Kalman, 2015)
Security Misconfiguration
System administrators can create scripts similar to those that attackers are using to exploit their own systems to identify vulnerabilities. Once that is completed you are able to install the necessary patches to protect against it. “The good news is that it’s typically as easy to detect this type of vulnerability as it is to exploit.” (Hamit, 2014)
Steps for prevention are “Have a good (preferably automated) “build and deploy” process, which can run tests on deploy. The poor man’s security misconfiguration solution is post-commit hooks, to prevent the code from going out with default passwords and/or development stuff built in. (Kalman, 2015).
Sensitive Data Exposure “This web security vulnerability is about crypto and resource protection. Sensitive data should be encrypted at all times, including in transit and at rest. No exceptions. Credit card information and user passwords should never travel or be stored unencrypted, and passwords should always be hashed. And while it goes without saying that session IDs and sensitive data should not be traveling in the URLs and sensitive cookies should have the secure flag on, this is very important and cannot be over-emphasized.” (Hamit, 2014)
In order to prevent sensitive data exposure during the transfer of information, a secured protocol such as HTTPS should be used in conjunction with proper certificates. This presents an added layer of security that would not be present with the use of an HTTP. A good rule of thumb to consider when protecting data that has been stored is to purge sensitive data on a regular basis. I cannot be stolen if it has been properly deleted. The data that you need to keep should be stored, encrypted, and the passwords should be hashed. It is also important to remember to treat backups with the same level of security and precaution.
“DNSSEC is meant to prevent DNS based exploits and redirections like DNS cache poisoning attacks by allowing domain names and corresponding IP addresses to be verified using digital signatures and public-key encryption.” DNS Security Extensions (DNSSEC) assists in the protection against the vulnerabilities that were previously discussed within this document. In Federal agencies were required to support DNSSEC on their Web sites under an Office of Management and Budget mandate issued in August 2008. The deadline for compliance was Dec. 31, 2009. (Marsan, 2012) In Marsan’s article, she mentions that although the government was required to implement DNSSEC over two years ago, there are still agencies who have yet to comply. She goes on further to quote subject matter experts who explained why they believe agencies have not been compliant. One CKO of a federal IT research market firm recalls hearing about DNSSEC but was not under the impression that it was high on the list of priorities. Others have mentioned that they believe government agencies could feel that they have enough security measures in place and will not benefit from the implementation of DNSSEC.
There are documented attacks that could have been prevented with DNSSEC. “DNSSEC solves what's called the Kaminsky vulnerability, a fundamental flaw in the DNS that was disclosed in 2008. This flaw makes it possible for hackers to launch cache poisoning attacks, where traffic is redirected from a legitimate Web site to a fake one without the Web site operator or end user knowing.” (Marsan, 2012).
Based on my research it is unclear as to why some government agencies have remained non-compliant. As the security manager at a government agency, I would identify what countermeasures were in place. To remain compliant and cost-effective, I would identify redundancies in the security posture and allow DNSSEC to be the prevailing security mechanism. One complaint that was discovered during my research was its affects to availability in that it delays the server’s response to the user’s request. The delays that have been mentioned however, are not significant enough to ignore regulations with the sole purpose of security. Other problems that are more significant involve digital signatures. DNS does not have access to the signing keys so it prevents notification to the user that a record does not exist. As a part of the plan to mitigate the issues that arise experts suggest that you alphabetize subdomains and include what-if statements such that a response is generated that will appear digitally signed and will notify the user. References

Hamit, J. (2014, April 1). Top Ten Web Security Risks. Retrieved from Credera: https://blog.credera.com/technology-insights/open-source-technology-insights/top-ten-web-security-risks-security-misconfiguration-5/
InternetIdentity.com. (2010, September 22). Q3 State of DNS Report: DNSSEC Deployment in .gov. Retrieved from Internet Identity: internetidentity.com/.../gov_dnssec_deployment_report_201009.pdf
Kalman, G. (2015, April 13). 10 Most Common Web Security Vulnerabilities. Retrieved from Toptal: http://www.toptal.com/security/10-most-common-web-security-vulnerabilities
Liquid Web. (2014, November 13). Tag: Broken Authentication How To Protect Your Ecommerce Site From Holiday Hacks. Retrieved from Liquid Web: https://www.liquidweb.com/blog/index.php/tag/broken-authentication
Marson, C. (2012, March 15). 40% of U.S. government Web sites fail security test. Retrieved from Network World: http://www.networkworld.com/article/2186860/data-center/40--of-u-s--government-web-sites-fail-security-test.html

Similar Documents

Free Essay

Web Server Application Attacks

...Web Server Application Attacks Christopher Jones Theories of Security Management Dr. Alaba Oluyomi Most web attacks are executed by several different methods to interrupt the functions of web servers. Web applications incorporate several applications to make it work properly. The web administrator must monitor the databases, extended markup languages, and script interpreters to stay ahead of hackers. All website that are running on a web server are prone to compromise, even though they are coded. Attackers take advantage of vulnerabilities of the web server. Attacker takes advantage of vulnerabilities within the implementation of TCP/IP protocol suites. With the slow reactions to correct these deficiencies, attackers are shifting to the application layers and mainly the web. This is in part caused by most companies open their firewall systems to web traffic. Most of the attacks are broad, and comes in many versions that fall into similar categories. Companies are making their web servers more secure, so attacks are moving to the vulnerability of web application flaws. Below are types of attacks on a web server 1 Web application vulnerabilities can be categorized as follows; Web server vulnerabilities, Manipulation of URLs, Exploitation of weaknesses in session identifiers and authentication systems, HTML code Injection and Cross-Site Scripting, and SQL Injection. SQL injection is a technique often used to attack data driven applications. This is done...

Words: 1565 - Pages: 7

Premium Essay

Web Server Application Attacks

...Running Head: Web Server Application Attacks Web Server Application Attacks Assignment # 1 Mariz Cebron Common web application vulnerabilities and attacks, and recommend mitigation strategies The World Wide Web has evolved into a critical delivery pipeline for institutions to interact with customers, partners and employees. Via browsers, people use web sites to send and receive information via Hypertext Markup Language (HTML) messages to web applications housed on web servers. This information, expected as legitimate messages, can be used illegitimately in unauthorized ways to compromise security vulnerabilities a.) Authentication - one of the biggest web application weaknesses is the failure to provide a means of strong authentication to verify the end user is whom he/she claims. Prior to accessing a web application, a server may require the end user to authenticate him/herself to identify the user or determine the user's access privileges. To mitigate these risks; employ strong authentication, such as HTTPS, with encrypted credentials, require authentication at specified time intervals or movement between web pages, regularly test authentication and implement authorization. b.) SQL injection - Many web applications do not properly strip user input of unnecessary special characters or validate information contained in a web request before using that input directly in SQL queries. SQL...

Words: 1656 - Pages: 7

Free Essay

Web Application Security

...Web Server Application Attacks Brooks Gunn Professor Nyeanchi CIS 502 July 10, 2013 Web Server Application Attacks Many organizations have begun to use web applications instead of client/server or distributed applications. These applications has provided organizations with better network performance, lower cost of ownership, thinner clients, and a way for any user to access the application. We applications significantly reduce the number of software programs that must be installed and maintained in end user workstations (Gregory 2010). Web applications are becoming a primary target for cyber criminals and hackers. They have become major targets because of the enormous amounts of data being shared through these applications and they are so often used to manage valuable information. Some criminals simply just want vandalize and cause harm to operations. There are several different types of web application attacks. Directory traversal, buffer overflows, and SQL injections are three of the more common attacks. One of the most common attacks on web based applications is directory traversal. This attack’s main purpose is the have an application access a computer file that is not intended to be accessible. It is a form of HTTP exploit in which the hacker will use the software on a Web server to access data in a directory other than the server’s root directory. The hacker could possibly execute commands...

Words: 1620 - Pages: 7

Free Essay

Xerox System

...SYSTEM: CGI ATTACKS A Thesis Presented to The Faculty of the Department of Computer Science San José State University In Partial Fulfillment of the Requirements for the Degree Master of Science by Tejinder Aulakh December 2009 © 2009 Tejinder Aulakh ALL RIGHTS RESERVED ii SAN JOSÉ STATE UNIVERSITY The Undersigned Project Committee Approves the Project Titled INTRUSION DETECTION AND PREVENTION SYSTEM: CGI ATTACKS by Tejinder Aulakh APPROVED FOR THE DEPARTMENT OF COMPUTER SCIENCE Dr. Mark Stamp, Department of Computer Science Date Dr. Robert Chun, Department of Computer Science Date Ms. Sunitha Thummuri, Cisco Systems Date APPROVED FOR THE UNIVERSITY Associate Dean Office of Graduate Studies and Research Date iii ABSTRACT INTRUSION DETECTION AND PREVENTION SYSTEM: CGI ATTACKS by Tejinder Aulakh Over the past decade, the popularity of the Internet has been on the rise. The Internet is being used by its clients to access both static and dynamic data residing on remote servers. In the client-server interaction, the client asks the server to provide information, and, in addition, the server may also request that clients provide information such as in “web forms.” Therefore, the Internet is being used for many different purposes which also include the web servers collecting the information from the clients. Consequently, attacks on the web servers have been increasing over the years. Due to the fact that web servers are now able to produce dynamic web pages based...

Words: 7097 - Pages: 29

Premium Essay

Web Server Security and Database Server Security

...Web Server Security and Database Server Security Databases involve distributed updates and queries, while supporting confidentiality, integrity, availability, and privacy (Goodrich, & Tamassia, 2011). This entails robust access control as well as tools for detection and recovering from errors (2011). When database information is masked, there is still a possibility of an attacker garnishing sensitive data from additional database information that is available, this can be achieved and called an inference attack (2011). For databases, strategies have been designed to mitigate against inference attacks. Cell suppression is a technique used to combat an inference attack, by removing various cells in a database, and are left blank for published versions (2011). The objective is to suppress the critical cells that have relatively important information in them from being obtained in an attack (2011). Another strategy is called Generalization, and this involves replacing published versions of database information with general values (2011). Such as stating a specific date of birth with a range of years, thus a person born in 1990 could be generalized as a range 1985-1992. The critical values are intertwined with the actual values, so they are less discernable in an inference attack (2011). A Noise Addition technique can also be utilized. This requires adding randomized values to real values in a published database (2011). This provides “noise” for all the records of the...

Words: 2494 - Pages: 10

Premium Essay

Lab 8 Assessment

...critical to perform a penetration test on a Web application and a Web server prior to production implementation? To make sure no attackers can penetrate your web application before the Web App goes live. It is critical to perform a penetration test on a Web application because the Web application is running on an Application Server or a Web Server, if an attacker is able to access the application code for how the database is called, it may be able to retrieve information about the database (name, attributes, IP address, etc.) and or access the Web Server and attempt a DoS attack. If a Web form cannot handle the unexpected data and fails to return the expected outcome. You have uncovered a vulnerability in this form; penetration testing in this area help IT security identify the vulnerabilities a Web Application may have.  2. What is a cross-site scripting attack? The goal of an XSS attack is see if the Web Application allows the attacker to have administrative read/write access to the functionality of the Web Application. This attack is a type of computer security vulnerability typically found inweb applications that enables attacks to inject client-side script into web pages viewed and accessed by other users. 3. What is a reflective cross-site scripting attack? If the attacker can type a script in a text field and the script alters or creates a pop-up display, the attacker can use these windows to navigate users off the Web Application pages and to constructed pages with malicious...

Words: 849 - Pages: 4

Premium Essay

Web Application Attack Scenario

...Assignment 1: Web Application Attack Scenario (Student’s Name) (Professor’s Name) (Course Title) (Date of Submission) Introduction Web applications are nowadays serving as a company’s public face to the internet. This has created the need to identify threats and attacks directed to data servers and web applications. Hackers exploit vulnerabilities in input validation and authentication affecting the web application in order to gain illegal access and disclose sensitive data or manipulate it to their benefits. Common threats to data systems Data systems such as the web application and data servers are faced by a number of threats, some of these threats are discussed below: Spoofing: this is a situation where computer assume the identity of another and masquerading where a user assumes to be another (Cross, 2007). If the attacker manages to get high privileges, he can use this to attack the web system to insert or change the data, denial of service, or even damage the system. Scavenging: This is a threat presented by examining available data form accessible sources such as waste, network and search engines. Scavenging might identify the actual information needed by the hacker but in most cases, it is used as a way to select other threats for vulnerabilities that are well established for web systems attack. The information gathered through scavenging include, server software, type of operating system firewall and the application software. This risk highly lies at the client...

Words: 1087 - Pages: 5

Premium Essay

Easy to Find

...with Web Applications Web applications allow visitors access to the most critical resources of a web site, the web server and the database server. Like any software, developers of web applications spend a great deal of time on features and functionality and dedicate very little time to security. Its not that developers don’t care about security, nothing could be further from the truth. The reason so little time is spent on security is often due to a lack of understanding of security on the part of the developer or a lack of time dedicated to security on the part of the project manager. For whatever reason, applications are often riddled with vulnerabilities that are used by attackers to gain access to either the web server or the database server. From there any number of things can happen. They can: •Deface a web site •Insert spam links directing visitors to another site •Insert malicious code that installs itself onto a visitor’s computer •Insert malicious code that steals session IDs (cookies) •Steal visitor information and browsing habits •Steal account information •Steal information stored in the database •Access restricted content •And much more… Preventing Web Application Attacks With dotDefender web application firewall you can avoid many different threats to web applications because dotDefender inspects your HTTP traffic and checks their packets against rules such as to allow or deny protocols, ports, or IP addresses to stop web applications from being...

Words: 830 - Pages: 4

Premium Essay

Lab 8

...#8 – Assessment Worksheet Performing a Web Site and Database Attack by Exploiting Identified Vulnerabilities Course Name and Number: Student Name: Instructor Name: Lab Due Date: Overview In this lab, you performed simple tests to verify a cross-site scripting (XSS) exploit and an SQL injection attack using the Damn Vulnerable Web Application (DVWA), a tool left intentionally vulnerable to aid security professionals in learning about Web security. You used a Web browser and some simple command strings to identify the IP target host and its known vulnerabilities, and then attacked the Web application and Web server using cross-site scripting (XSS) and SQL injection to exploit the sample Web application running on that server. Lab Assessment Questions & Answers 1. Why is it critical to perform a penetration test on a Web application and a Web server prior to production implementation? To make sure no one can penetrate your web application before you put it in a live situation. 2. What is a cross-site scripting attack? Explain in your own words. Cross-site scripting is a type of computer security vulnerability typically found in web applications that enables attacks to inject client side script into web pages viewed by others 3. What is a reflective cross-site scripting attack? A reflective attack a type of computer security vulnerability it involves the web application dynamically generating a response using non-sanitized...

Words: 442 - Pages: 2

Premium Essay

Nt1330 Unit 3 Assignment 1

...As per Figure1.1.4, Web Server communicates with a standard Web Browser using a private channel called SSL/TLS, which ensures the data transaction confidentiality and integrity. SSL is considered as a standard specific to industry, which is adopted by millions of websites in the protection of their online business with their customers. SSL defines a secured abstraction layer of communication on the existing network infrastructure. Once the secure connection is established, the session key will be used to encrypt all transmitted data over the network. Web browser connects to a web server (for example, website) using secured SSL connection. However, the browser requests the server identify itself in order to establish the secured connection on the network. Once the connection is established, the server sends a copy of its SSL Certificate, which includes the server's...

Words: 2324 - Pages: 10

Premium Essay

Test

...Database Attack by Exploiting Identified Vulnerabilities Course Name and Number: MNE 310 Student Name: Carl Sizemore Instructor Name: Williams Lab Due Date: 8/10/2014 Overview In this lab, you verified and performed a cross-site scripting (XSS) exploit and an SQL injection attack on the test bed Web application and Web server using the Damn Vulnerable Web Application (DVWA) found on the TargetUbuntu01 Linux VM server. You first identified the IP target host, identified known vulnerabilities and exploits, and then attacked the Web application and Web server using XSS and an SQL injection to exploit the Web application using a Web browser and some simple command strings. Lab Assessment Questions & Answers 1. Why is it critical to perform a penetration test on a Web application and a Web server prior to production 7 Perform a Website and Database Attack by Exploiting Identified Vulnerabilities implementation? Penetration testing highlights what a real-world hacker might see if he or she targeted the given organization. The Penetraton test will give a security view in operational context and potential flaws can be discovered so that managment can make decisions about whether to allocated security resources to fix any discover problems. 2. What is a cross-site scripting attack? Explain in your own words. Cross-site scripting enables attackers to inject client-side script into web pages. Cross-site attacks occur when an attacker uses a web applicaiton...

Words: 491 - Pages: 2

Premium Essay

Sql Injection.

...ABSTRACT This term paper discusses the security exposures of a server that occur due to a SQL injection flaw in a web application that communicate with a database. Over ten years have passed since a famous hacker coined the term “SQL injection” and it is still considered one of the major application threats. A lot has been said on this vulnerability, but not all of the aspects and implications have been uncovered, yet. This paper aim is to collate some of the existing knowledge, introduce new techniques and demonstrate how to get complete control over the database management system's underlying operating system, file system and internal network through SQL injection vulnerability in over-looked and theoretically not exploitable scenarios. This paper also discuss about the prevention from the SQL Injection, not only in ORACLE but also in PHP, C#, JAVA and other languages. INDEX ABSTRACT………………………………………………………………………………….....02 INTRODUCTION……………….…………………………….…….………………………….04 BLIND SQL INJECTION…………………………………….………………………………..05 SQL INJECTION OVERVIEW…………………………….………………………………....06 CATEGORIES OF SQL INJECTION ATTACKS…………………………………………..07 WHAT’S VULNERABLE…………………………………………………………..…………08 WHAT’S NOT VULNERABLE…………………………………………………….………….08 SQL INJECTION METHODS……………………………………….……………….……….09 SQL MANIPULATION………………………………………………………..……………….09 CODE INJECTION……………………………………………………….……………………10 FUNCTION CALL INJECTION……………………………………………………………….11 BUFFER OVERFLOWS………………………………………………………………………13 ...

Words: 3449 - Pages: 14

Premium Essay

Nt1330 Unit 3 Assignment 1

...increase in the number of users, the attackers are targeting the application layer protocols like SMTP, HTTP, DNS, SNMP and many others. HTTP is an application layer based protocol used by World Wide Web which is primarily responsible for what actions a Web Browser of Server should undertake in reply to the varied commands from the users. This is a protocol for distributed, collaborative, hypermedia information systems, thus making it by far the dominant traffic source in IP networks. Thus due to this rapid expansion and...

Words: 1279 - Pages: 6

Premium Essay

Computer Tricks

...EC-Council Press | The Experts: EC-Council EC-Council’s mission is to address the need for well educated and certified information security and e-business practitioners. EC-Council is a global, member based organization comprised of hundreds of industry and subject matter experts all working together to set the standards and raise the bar in Information Security certification and education. EC-Council certifications are viewed as the essential certifications needed where standard configuration and security policy courses fall short. Providing a true, hands-on, tactical approach to security, individuals armed with the knowledge disseminated by EC-Council programs are securing networks around the world and beating the hackers at their own game. The Solution: EC-Council Press The EC-Council | Press marks an innovation in academic text books and courses of study in information security, computer forensics, disaster recovery, and end-user security. By repurposing the essential content of EC-Council’s world class professional certification programs to fit academic programs, the EC-Council | Press was formed. With 8 Full Series, comprised of 27 different books, the EC-Council | Press is set to revolutionize global information security programs and ultimately create a new breed of practitioners capable of combating this growing epidemic of cybercrime and the rising threat of cyber war. This Certification: C|EH – Certified Ethical Hacker Certified Ethical Hacker is a certification...

Words: 61838 - Pages: 248

Premium Essay

Web Application

...Chapter – 1 INTRODUCTION The world as we know it today is centered on the workings and ability of the World Wide Web. Internet security, however, is one area of concern and poses one of the biggest challenges to this internet savvy era. Our interaction with the internet has increased to such an extent , that experience, mixed with continued research has taught us that with each such interaction, we are prone to many malicious attacks, security lapses and even extremely skilled hacking operations. The field of Network Security and Cryptography has come a long way in the past decade, but it is safe to say that there is a lot more work to be done. Here we choose to concentrate on Web Applications and we particularly approach them from the developer’s perspective. With every step taken towards better security on the internet, end-users are doing their bit to safeguard their systems and data. However, keeping in mind how commercial and competitive the world we live in has become and the manner in which the market for web related products has grown, it becomes imperative for a developer to ensure that his web application is not just marketable as a breakthrough user friendly concept but also as a secure one. We imagine a world where, every skilled developer is able to make phenomenal applications and is able to provide his users with a large amount of credibility and reliability in terms of security. We aim to conceptualize and subsequently generate a security tool exclusively...

Words: 6435 - Pages: 26