Downloads
General
Documents
Vulnerability Assessment - The Right Tools to Prot
Hits: 6
Date added: 08/02/2007
Vulnerability Assessment: The Right Tools to Protect Your Critical Data
Over the last several years, Vulnerability Assessment (VA) has become one of the hottest fields within the computer security market. VA tools are designed to detect and report on security holes within various software applications, allowing organizations to take corrective actions before a devastating attack occurs. Due to the reduction in “time to exploit” once a new vulnerability reaches the public domain, and the regulatory pressures imposed on businesses within a variety of verticals, the need for reliable vulnerability assessment has never been greater. Unfortunately, the environment in which software applications are developed today is largely driven by schedule and features, rather than stability or security. This situation has led to corporate networks being ripe with vulnerabilities there for the picking, and the software vendors are doing very little to remedy the situation. Risks to corporate applications are further exacerbated by overburdened and understaffed IT departments.
 
Web application defense at the gates, Leveraging IHttpModule
Hits: 0
Date added: 09/08/2005
Web application defense at the gates - Leveraging IHttpModule
Web applications are vulnerable to many attacks, mainly due to poor input validation at the source code level. Firewalls can block access to ports, but once a web application goes live and TCP ports 80 and 443 are accessible, the web application can be easy prey for attackers. HTTP traffic is legitimate traffic for web applications; all the more reason to include application-level content filtering over unencrypted and encrypted communication channels. Application-level content filtering is possible to some extent but may not work over HTTPS (port 443). The only way to provide a strong defense is by applying powerful content filtering at the application level for both TCP port 80 and TCP port 443. The .NET Framework with ASP.NET provides the IHttpModule interface access to HTTP pipes - the lowest of programming layers - before an incoming HTTP request hits the web application. This can provide defense at the gates. In this paper, we look at how one can build this sort of defense in all three aspects - coding, deployment and configuration.
 
Web Application Disassembly with ODBC Error Messag
Hits: 3
Date added: 09/14/2006
 
Web Application Footprints and Discovery
Hits: 0
Date added: 08/05/2005
Web application assessment begins with an IP address and ports (80/443) - this is very common practice. But there is a flaw in this method. What if a web server is running with multiple virtual hosts? In other words, one server is running more than one web application. In such a scenario, a web application assessment done on such IP/port combinations may fail and produce partial results. Doing a reverse DNS lookup on the IP and using the result as the Host field in HTTP is an option, but may also fail most of the time. So, where does the solution to this problem lie? The solution lies in the WHOIS information database and DNS server. This paper describes how to fetch this information and follow up with the discovery process for web applications.
 
Web Application Security - The Overlooked Vulnerab
Hits: 5
Date added: 05/10/2007
Web Application Security - The Overlooked Vulnerabilities
Are you adequately protecting the web applications that your business depends on? Software flaws are rapidly becoming the vulnerabilities of choice to attackers determined to exploit mission critical systems. However, it isn’t just vulnerabilities in the web applications that organizations need to be concerned about. Vulnerabilities across the entire enterprise application stack—including web and application servers, databases and operating systems—that form the foundation for web applications, also need to be addressed. Publicity around breaches and regulatory pressures are pushing web application security further in the spotlight. Traditional approaches to web application security, including web application firewalls, and web security modules, can be costly and complex, and do not ultimately protect the entire application stack. Host-based intrusion defense with deep packet inspection is a new approach that addresses the need of organizations to shield vulnerabilities across the entire application stack.