
Web Server Security – Suggestions

January 7, 2011

Common Web Vulnerabilities

  • Buffer Overflow Attacks
  • Denial of Service
  • Attacks on vulnerable scripts
  • URL Manipulation
  • Sniffing / Spoofing Credentials
  • Client Parameter Manipulation
  • Brute Force Attacks
  • Web Server Fingerprinting
  • Web Defacements

Take web servers seriously: server security is essential for web security. Recommendations:

Harden servers from attack

• Use a hardening guide like CIS or MS
• Use Windows Security Templates
• Audit Users, Groups and Permissions
• Enable DEP to prevent buffer overflows

• Follow Best Practices
o SSL Certificate
o Patching, Host Based Firewall & Anti-Virus
o Password Policy and Lockout

PHP, Java Servlet Engine, mod_perl, etc.

• Secure configuration
o PHP Suhosin & Hardening Patch
o PHP Security Consortium - Security Guide
o Perl Security Guide
http://perl.apache.org/docs/1.0/guide/security.html
• Include framework in patch cycle

Client & Browser Security

• What’s a Browser? Word, RSS, OS, etc
• These are all vulnerable to web attacks
• Educate users about HTTPS
• Audit ActiveX controls
o Don’t Allow installation of unsigned ActiveX
o Don’t Prompt user to install unsigned ActiveX
• Patch Helper Applications (Secunia)
o Secunia.com/software_inspector - requires Java

Session Security & Authentication

• Anything passed to client is readable
o Hidden fields and cookies aren’t hidden
o Use WebScarab or another proxy to analyze
• Encrypt info in cookies and hidden fields
o Apply a timestamp to sensitive variables
o Use strong session IDs (>16 chars)
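One way to apply these points to a cookie or hidden field, as an added example that is not from the original slides: the value carries a timestamp and an HMAC tag so the client cannot alter or replay it unnoticed (integrity and freshness, not the encryption the slide names; a value that must also stay confidential needs to be encrypted before signing), and the session ID comes from a CSPRNG. SECRET_KEY and the 15-minute lifetime are constructed placeholders.

```python
import hashlib
import hmac
import secrets
import time
from typing import Optional

# Constructed placeholder: load the real key from protected server-side config.
SECRET_KEY = b"example-secret-key-rotate-me"
MAX_AGE_SECONDS = 900  # assumed lifetime for a sensitive variable (15 minutes)


def new_session_id() -> str:
    """Return an unguessable session ID well above the 16-character guidance."""
    return secrets.token_urlsafe(32)  # 43 URL-safe characters, CSPRNG-backed


def sign_value(value: str, now: Optional[float] = None) -> str:
    """Attach a timestamp and an HMAC-SHA256 tag to a value sent to the client."""
    ts = str(int(now if now is not None else time.time()))
    payload = f"{value}|{ts}"
    tag = hmac.new(SECRET_KEY, payload.encode(), hashlib.sha256).hexdigest()
    return f"{payload}|{tag}"


def verify_value(token: str, now: Optional[float] = None,
                 max_age: int = MAX_AGE_SECONDS) -> Optional[str]:
    """Return the original value if the tag is valid and still fresh, else None."""
    try:
        # Split from the right so a '|' inside the value itself is harmless.
        value, ts, tag = token.rsplit("|", 2)
    except ValueError:
        return None  # malformed token
    expected = hmac.new(SECRET_KEY, f"{value}|{ts}".encode(),
                        hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, tag):
        return None  # tampered or forged: constant-time comparison
    if not ts.isdigit():
        return None
    current = now if now is not None else time.time()
    if current - int(ts) > max_age:
        return None  # expired: an old token replayed later is rejected
    return value
```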

JavaScript and XSS are Serious Threats

• JavaScript is compatible across major browsers
o It’s a powerful language
o Exploits will probably become more insidious
• XSS Vulnerabilities are plentiful

In scripts, only allow valid data; if that breaks, filter out bad stuff.

o Whitelist first, then blacklist