Web vulnerabilities

Written on July 8, 2008 by Administrator

Top Ten Reasons why Websites Get Hacked

Experts say most Web applications can be hacked. Here are the top ten vulnerabilities that could put your Web site at risk.

1. Cross site scripting
2. Injection flaws
3. Malicious file execution
4. Insecure direct object reference
5. Cross site request forgery
6. Information leakage and improper error handling
7. Broken authentication and session management
8. Insecure cryptographic storage
9. Insecure communications
10. Failure to restrict URL access

SOURCE: OWASP (the Open Web Application Security Project)

Related Links For added reading : NetworkWorld.com

Types of Network/Internet Security Incidents

Written on June 7, 2008 by Administrator

Probe : Unusual attempts to gain access or discover something about system.

Scan : Many probes done using an automated tool.

Account Compromise : Unauthorized use of a computer account by someone other than the account owner.

Root Compromise : Similar to an account compromise, except that the account that has been compromised has special privileges on the system.

Packet Sniffer : A program that captures data from information packets as they travel over the network.

Denial of Service : The goal of denial-of-service attacks is to prevent legitimate users of a service from using it.

Exploitation of Trust : Computers on networks often have trust relationships with one another. For example, before executing some commands, the computer checks a set of files that specify which other computers on the network are permitted to use those commands. If attackers can forge their identity, appearing to be using the trusted computer, they may be able to gain unauthorized access to other computers.

Malicious Code : Programs like viruses, worms and Trojan horses.

Internet Infrastructure Attacks : Rare attacks on network name servers, network access providers, and large archive sites.

Source

Google adds Web Security

Written on May 27, 2008 by editor

by: Djai Tanji

Google is now adding Web security for net surfing and remote workers to its Google Apps set of office tools. Google Web Security for Enterprise comprising real time malware protection and URL filtering with policy implementation and reporting and this was made possible by Postini, which was last year’s acquisition of security vendor. There is an additional feature that extends the same protections to users who works remotely on laptops in cafes, hotels, restaurants and guest networks. This allows companies to protect their networks from Web-based malware , implement internet use policies at the user, company level and workgroup, and Google Web security will receive comprehensible reporting on all web activities.

Yahoo Team and McAfee: Web Security

Written on May 23, 2008 by editor

by: Djai Tanji

McAfee and Yahoo announced their partnership on Web’s security wherein Yahoo’s search engine is making available to users the warnings about unnecessary and malicious code on Web sites that will be detected through McAfee’s security technology. McAfee calls the technology, SiteAdvisor and this has been integrated into Yahoo’s search engine mechanism making a user, after performing a search, obtain the flagged sites after clicking “searchscan.” However, no Yahoo advertisers will be picked up and flagged in the SiteAdvisor. The yahoo security warning system does not block users from accessing the page but will recommend to avoid the flagged content. With all this preclusion of users from visiting malicious websites, yahoo will lessen the channels obtainable for spam, adware, malware and phishing to spread.

How websites deal with SQL injection

Written on May 20, 2008 by editor

by: Djai Tanji

The substantial SQL injection attacks that struck Microsoft-based websites claimed as one of its victims Autoweb which is a U.K. based advertising and marketing site. The continuous attack that hits Autoweb exploited susceptibility in a single line of code in the web application to cut through the company’s Microsoft SQL database and knock the site offline. Autoweb’s IT staff then realized that database tables which stores content provided by car dealers had been overwritten with a 30-character script and that gave them a window of opportunity. Autoweb blocked the attacks by looking at log files which originated from IP addresses in China. Autoweb did an everyday backing up and asked assistance from Secerno, a U.K. based firm to build a database security appliance.

ScanSafe’s “Web Security as a Service”

Written on May 16, 2008 by editor

by: Djai Tanji

ScanSafe offers a “Web Security as a Service” when report presents state of global information security threats. This offer by ScanSafe provides a managed service which means that there is nothing for customers to install or maintain on-premise, routing its clients’ web traffic by secure proxies to scan content in real-time that will secure them from malware and also give a way for them to impose acceptable web usage policies. They were able to scan more than 80 billion web requests and blocked more than 800 million web threats in 2007 on behalf of corporate customers in more than 50 countries. And password stealing malware was the most frequent type of attacks in the blocked events which was about 37% of total attacks.

All about IP Address

Written on May 10, 2008 by editor

by: Djai Tanji

When you connect to the internet, IP address will be used to identify your PC which means that your IP address is public. So if you do not use security, your IP address will be used to access your computer from the outside world. Bad news is, if you have a fixed IP address, internet crackers can have a lot of time to search for entrances in your computer and have access to your unprotected private data. But if you are using a modem with a dial-up connection, you will get new IP addresses each time you connect to the net. DSL and internet cables are mere samples of fixed internet connections.

Common Windows security problem

Written on May 8, 2008 by editor

by: Djai Tanji

Bad news is, many Microsoft Window users are not aware of common security leaks in their network settings. The common setup for Microsoft Windows’ network computers is: Client for Microsoft Networks, NetBEUI Protocol, File&Printer Sharing for Microsoft Networks, and Internet Protocol TCP/IP. But if your setup allows NetBIOS over TCP/IP, you can have a security problem because this means that your files can be shared all over the web world; and that your log-on name, computer name and workgroup name will be visible for public viewing. Also, if your setup allows File and Printer Sharing over TCP/IP, this also means that your files can be shared all over the net. And it doesn’t mean that you’re safe if your computer is not connected to any network. It can also have dangerous settings because your network settings were changed during the time when internet was installed.

How do you know that you have a secure site?

Written on May 5, 2008 by editor

by: Djai Tanji

Before, when a website uses Secure Sockets Layer (SSL) and when the traffic is encrypted, it is as good as a secured website. But unfortunately, Encryption or that little lock that usually appears in your browser does not completely make a website secure because if your site you are submitting personal data to contains a Vulnerability, this means that an attacker can steal your data. Some sites may contain logos with “secured by ____” but you should not rely on that. A website owner can just copy the image and save thousands of dollars doing that. Better keep in mind that there are specific rules about web security for certain types of sites as well.

RSS security

Written on May 2, 2008 by editor

by: Djai Tanji

RSS was only known before as a “techie tool” but has now grown at a lightening speed and has become a tool that is continuously being utilized by the general population. RSS’ security has been questioned as it gains enormous popularity. But RSS’ podcasting phenomenon is where its vulnerabilities lie. RSS can be used in distributing file types like word documents, images, mp3 files, etc which can be a root of concern although most people may not feel that the risk is significant. They think that by choosing the content that they receive in their mails, security should not be something to be worried about, which is quite wrong. The danger lies in the mere fact that lots of RSS readers, pod-catchers or news aggregators automatically download information contained in the enclosure field despite its file type or source.