Sunday, 4 December 2016

Some Web Application Security Key Points.......

Web application security is a branch of Information Security that deals specifically with security of websitesweb applications and web services. At a high level, Web application security draws on the principles of application security but applies them specifically to Internet and Web systems.

Design Web Application Security Architecture:
A typical web application architecture contains 3 tiers, separating the externally-facing 
web server from the internal application server and database server. With a tier-based 
architecture such as this, even if an attacker compromises an externally-facing web server 
from the outside, they still have to find ways to gain access and attack the internal 
network. This is the principle of defence-in-depth protection. Defence-in-Depth is a 
practical approach to information security. The fundamental concept always centres on 
the idea of multiple layers of security to protect vital assets. Layers of security include 
input validation, database layer abstraction, server configuration, proxies, web application 
firewalls, data encryption, OS hardening, and so on.

The majority of web application attacks occur through cross-site scripting (XSS) and SQL injection attacks which typically result from flawed coding, and failure to sanitize input to and output from the web application.

Cross-site Scripting:
Cross-site Scripting (XSS) refers to client-side code injection attack wherein an attacker can execute malicious scripts (also commonly referred to as a malicious payload) into a legitimate website or web application. XSS is amongst the most rampant of web application vulnerabilities and occurs when a web application makes use of unvalidated or unencoded user input within the output it generates.
By leveraging XSS, an attacker does not target a victim directly. Instead, an attacker would exploit a vulnerability within a website or web application that the victim would visit, essentially using the vulnerable website as a vehicle to deliver a malicious script to the victim’s browser.
While XSS can be taken advantage of within VBScript, ActiveX and Flash (although now considered legacy or even obsolete), unquestionably, the most widely abused is JavaScript – primarily because JavaScript is fundamental to most browsing experiences.

SQL Injection:
A SQL injection attack is exactly what the name suggests – it is where a hacker tries to “inject” his harmful/malicious SQL code into someone else’s database, and force that database to run his SQL. This could potentially ruin their database tables, and even extract valuable or private information from their database tables. The idea behind SQL injection is to have the application under attack run SQL that it was never supposed to run. 
  • SQL injection attacks allow attackers to spoof identity, tamper with existing data, cause repudiation issues such as voiding transactions or changing balances, allow the complete disclosure of all data on the system, destroy the data or make it otherwise unavailable, and become administrators of the database server.
  • SQL Injection is very common with PHP and ASP applications due to the prevalence of older functional interfaces. Due to the nature of programmatic interfaces available, J2EE and ASP.NET applications are less likely to have easily exploited SQL injections.
  • The severity of SQL Injection attacks is limited by the attacker’s skill and imagination, and to a lesser extent, defense in depth countermeasures, such as low privilege connections to the database server and so on. In general, consider SQL Injection a high impact severity.


No comments:

Post a Comment