By: aathishankaran Emailed: 1698 times Printed: 2202 times
Features are to assess the capabilities provided by each feature and determine which ones pose unacceptable security risks. Minimally, you must consider the following to be risks:
Ø The feature can be used to execute external programs or operating system commands
Ø The feature can be used to read or write arbitrary files located on the server
Ø The feature maintains client information on the browser using cookies or URL encoding.
The above risks only determine whether the feature has the capability to cause security problems-it doesn't mean that he feature is necessarily insecure. For example, CGI programs, ASP, and Live Wire applications are risky according to all three risk indicators. Once you identify a feature as risky, you have to determine whether secure applications can be built using the feature despite its inherent risks and whether the benefits provided by the feature are worth taking a chance. In the case of CGI programs, ASP, and Live Wire applications, the answer is usually yes.
There is nothing inherently insecure about CGI itself. However, CGI programs are a prime source of server-side vulnerabilities. By deploying a CGI program, you are allowing others to execute Program is a potential tool with which to attack your system. Any Security flaws in your CGI programs are directly and continually Accessible, and penetrators are free to repeatedly probe and cajole these flaws until they succeed in accomplishing their clandestine objectives.
Do flaws exist in CGI programs? You bet. Some flaws let attackers read data that should otherwise be concealed. Other flaws let Hackers trash data that is collected from Web users. The most Devastating flaws let penetrators remote execute operating System commands and programs of their choosing.
How do flaws in CGI programs occur? How are they exploited? In Many cases these flaws occur because of poor parameter checking and faulty assumptions on the part of the programmer. For example, consider the case where a CGI program invokes a search- program and passes it the value of a decoded query string. The programmer assumes that the search program will simply search for whatever value is passed. But when the query string is passed, the following in executed:
search string; cat/etc/passwd
In this case, the CGI program returns much more than the search results-it appends the contents of your password file to the search results. The penetrator can then use a password-cracking program to find a password that will let him or her login to your system.
You may wonder why anyone would develop CGI programs that would allow such serious breaches of security. Some programmers don't know any better they are oblivious to the fact that their pro grams may be misused. Some are so focused on developing their Web applications that security is put on the back burner-permanently. However, the biggest problem, by far, is that in most CGI programs, security flaws are difficult to spot. In the cases where they are found, they are often dismissed. "But no one would ever do that" is a common justification for failing to remove an exploitable flaw.
Another problem facing CGI programmers is the fact that the odds are heavily stacked against them. The programmers must eliminate all possible security flaws in order to make their CGI programs secure. The penetrator need only find a single exploitable flaw in order to break into the Web server.
ASP and Live Wire Applications
Although ASP and Live Wire applications provide the same capabilities as CGI programs, they are far less prone to security vulnerabilities. There are a number of reasons why these applications are inherently more secure:
Ø They automatically parse data that is passed to applications and make it available in an easy-to-use manner. This reduces the likelihood of a flaw occurring in the input parsing functions.
Ø Their applications have predefined objects at their disposal, which reduce the complexities of maintaining client information, sharing data between clients, and sharing data between applications. By making it easier to perform common server-side functions, ASP and Livewire help you to develop more reliable and error-free code, thereby lowering the likelihood of an exploitable security flaw.
Ø The less experience a programmer has with a language, the more likely she or he is to make mistakes-potentially exploitable ones.
The above features significantly reduce the likelihood of security vulnerabilities in Live Wire and ASP applications. However, the potential for some vulnerability still exists. For example, suppose an application is designed in such a way that a Livewire redirect () method takes a client property as a parameter. A penetrator could modify client properties (client cookies or URLs) to cause the redirect () function to return a file of the penetrator's choosing.
Be the first one to add a comment
Most Viewed Articles (in JSP )
Most Emailed Articles (in JSP)