Areas of Vulnerability
Web applications require an infrastructure to run on, made up of both hardware and software and including a connection to the Internet. An example of this is shown in Figure 26.1. To get to a Web application, an end user points a browser at your Web site by typing in a domain name such as www.sams.com. A DNS server converts this domain into an IP address and forwards the end user's request to this IP address. The request has to pass through a varying number of routers depending on how direct the route is between the end user's machine and your Web site. After going through a number of routers, the request arrives at your Web server. However, rather than letting the Web server be connected directly to the public Internet, a firewall is used to limit the types of requests that can pass into the Web server. Machines on the other side of this firewall are said to be in the DMZ or demilitarized zone—an area in the infrastructure that has been made more secure through the use of the firewall.
Each of these components must be secure in order for the Web application to run as intended. This section discusses some of the vulnerable points in this infrastructure and how they can be attacked.
Domain Name Service (DNS) is the distributed, hierarchical, global directory on the Internet that translates a name (for example, www.sams.com) to an IP address (for example, 184.108.40.206). If this ISP directory structure is tampered with, traffic meant for a Web site can be directed to a Web site under control of a cracker. Also, if a large-scale denial of service attack is launched on multiple DNS servers high in the hierarchy, whole top-level domains (such as .com and .edu) could become inaccessible. DNS servers usually reside at a company's ISP and are not under the company's direct control. However, you should make sure that your ISP has DNS running on secure servers because if they're tampered with, there's a chance your Web traffic will be affected.
Routers direct traffic from network to network. They're essential to messages getting to their destinations. Routers are designed to communicate with each other for the purposes of delivering messages. They use routing tables to establish the best paths between routers. If a cracker can change these routing tables, he can redirect traffic away from its intended destination. This will make the destination host unavailable to clients. For all intents and purposes, this is the same as shutting down this host.
Most routers allow remote management. This enables network administrators to monitor and restart routers without having to be physically present. However, this also introduces the possibility of giving unauthorized personnel access. Remote access to routers should be monitored and restricted as well as possible. Routers also support many services such as Telnet and SNMP. If these services aren't needed, they should be turned off.
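The router advice above (restrict remote management, turn off Telnet and SNMP where they aren't needed) can be checked against a saved configuration. The following is an added example, not from the book: it assumes Cisco IOS-style syntax, which the text does not specify, and the sample configuration, hostname, and community names are constructed.

```python
import re

# Constructed sample in Cisco IOS-style syntax (an assumption; the text names no vendor).
SAMPLE_CONFIG = """\
hostname edge-rtr-01
snmp-server community public RO
snmp-server community netops-ro RO 10
access-list 10 permit 192.0.2.0 0.0.0.255
line vty 0 4
 transport input telnet ssh
 login local
line vty 5 15
 access-class 10 in
 transport input ssh
 login local
"""

def audit_router_config(text):
    """Return a list of (location, finding) tuples for remote-management weaknesses."""
    findings = []
    section = None          # current "line vty ..." header, if any
    vty = {}                # header -> settings seen in that section
    for raw in text.splitlines():
        line = raw.strip()
        if not raw.startswith(" "):            # a top-level command ends any section
            section = line if line.startswith("line vty") else None
            if section:
                vty[section] = {"transport": None, "acl": False}
            m = re.match(r"snmp-server community (\S+) (RO|RW)(?: (\S+))?$", line)
            if m and not m.group(3):
                findings.append((line, "SNMP community has no access list"))
            if m and m.group(1) in ("public", "private"):
                findings.append((line, "default SNMP community string"))
        elif section:
            if line.startswith("transport input"):
                vty[section]["transport"] = line.split()[2:]
            elif line.startswith("access-class") and line.endswith(" in"):
                vty[section]["acl"] = True
    for header, s in vty.items():
        # Default transport varies by software version; treat "unset" as Telnet-capable.
        if s["transport"] is None or {"telnet", "all"} & set(s["transport"]):
            findings.append((header, "Telnet allowed for remote management"))
        if not s["acl"]:
            findings.append((header, "no access-class restricting source addresses"))
    return findings

if __name__ == "__main__":
    print(*audit_router_config(SAMPLE_CONFIG), sep="\n")
```

On the sample, the first vty block and the `public` community are flagged, while the SSH-only block with an access class produces no findings.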
Hosts and Applications
Machines that run Web servers, application servers, databases, and other IT resources are vulnerable to attacks due to the almost infinite number of combinations of hardware platforms, operating systems, and software that they're composed of. Because of their public nature, Web servers must additionally have their IP address directly accessible from the Internet. This makes them a very popular target for crackers. To keep these hosts secure, system administrators must keep a lookout for security warnings and subsequent patches from hardware, operating system, and software vendors.
Transactions in the Field
Transactions that are delivered over the Internet in plain text expose themselves to being intercepted and altered. To keep sensitive information private, encrypt it with an algorithm whose strength matches the sensitivity of the information it's protecting. The stronger the algorithm, the more overhead is introduced in encrypting and decrypting communication.