The Website
Injections
There are multiple ways developers can prevent injection attacks, one of the main methods being white list input validation. White list input validation defines the set of values a user is permitted to enter in a field; any string that does not match the white list is rejected and is never sent to the database as a query. Character replacement treats the ampersand symbol as a SQL*Plus substitution variable and, if enabled, could allow an attacker to retrieve private data, so it is recommended to disable character replacement. The principle of least privilege is also recommended for database accounts: accounts should be granted only the privileges necessary to complete their required functions.
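As an added illustration of the white list validation described above (example code written for this page, not taken from the original document or its source), the vulnerable lookup concatenates user input into the SQL text, while the hardened lookup first rejects anything that fails the allow-list and then uses a parameterised query. The table and rows are constructed sample data.

```python
import re
import sqlite3

# Allow-list: a username is 3-32 ASCII letters, digits or underscores.
# Anything else is rejected before it ever reaches the database.
USERNAME_ALLOWLIST = re.compile(r"[A-Za-z0-9_]{3,32}")


def is_allowed_username(value: str) -> bool:
    """Return True only if the whole input matches the allow-list."""
    return USERNAME_ALLOWLIST.fullmatch(value) is not None


def build_demo_db() -> sqlite3.Connection:
    """Constructed sample data (not from the original document)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, email TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "alice@example.test"), ("bob", "bob@example.test")],
    )
    return conn


def lookup_email_unsafe(conn: sqlite3.Connection, username: str) -> list:
    """Vulnerable: the input is concatenated straight into the SQL text."""
    query = "SELECT email FROM users WHERE name = '" + username + "'"
    return [row[0] for row in conn.execute(query)]


def lookup_email_safe(conn: sqlite3.Connection, username: str):
    """Hardened: allow-list validation first, then a parameterised query."""
    if not is_allowed_username(username):
        return None  # rejected; no query is sent to the database
    rows = conn.execute("SELECT email FROM users WHERE name = ?", (username,))
    return [row[0] for row in rows]


if __name__ == "__main__":
    db = build_demo_db()
    bad_input = "x' OR '1'='1"  # classic malformed input used here as a test case
    print(lookup_email_unsafe(db, bad_input))  # returns every row
    print(lookup_email_safe(db, bad_input))    # None: blocked by the allow-list
    print(lookup_email_safe(db, "alice"))      # ['alice@example.test']
```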
Cross-site scripting
Cross-site scripting is a serious and frequently attempted attack by individuals with malicious intent. The first way to prevent cross-site scripting attacks is to never allow untrusted data to be inserted into an HTML document. It is also critical never to accept JavaScript code from any untrusted source. It is further recommended to use a content security policy, implemented as a client-side source whitelist that defines the list of sources from which the browser is allowed to load resources.
Denial of Service
Denial of service and distributed denial of service attacks are generally carried out using a few types of applications. In a standard attack these applications use known ports, and administrators can block those ports at the edge router to aid in preventing denial of service attacks. It is also good practice to rate limit ICMP and SYN packets; TCP connections are established with SYN packets, so if the rate limit is set too low it can affect non-malicious traffic. It is also recommended to alter certain registry keys in Windows Server that help prevent denial of service attacks. These registry keys include items such as synattackprotect, tcpmaxconnectresponseretransmissions and tcpmaxdataretransmissions.
Brute Force
Brute force attacks are generally easier to prevent than other types of attacks. It is recommended to set up all accounts with strong passwords of at least ten characters. Since an attacker could still make many attempts to guess the username and password, it is recommended to set an account lockout threshold of three attempts. This gives the attacker only three attempts to succeed before an administrator must intervene and unlock the account. Multi-factor authentication is also a solution to brute force attacks. Multi-factor authentication usually requires authentication with something you have, such as a smartcard or fingerprint, and something you know, such as a username and password.
Buffer Overflow
Buffer overflow is another common web server attack but, with the right precautions, can be prevented. One of the main techniques for preventing buffer overflow attacks is input validation, which keeps unexpected data from being processed. It is also important to ensure that the operating system the web server runs on is fully patched, and to run vulnerability scans regularly to see whether your web application is susceptible to this or any other vulnerability. Vulnerability scanning can also help make sure you are not missing any important security patches.
Sources:
Jason Ragland (09/08/2015). Windows Server 2012 R2 Hardening Checklist. Retrieved from https://wikis.utexas.edu/display/ISO/Windows+Server+2012+R2+Hardening+Checklist