Chapter 13. Application-Level Risks
In this chapter, I focus on application-level vulnerabilities and mitigation strategies. The effectiveness of firewalls and network segmentation mechanisms is severely impacted if vulnerabilities exist within accessible network services. In recent years, major security flaws in Unix and Windows systems have been exposed, resulting in large numbers of Internet-based hosts being compromised by hackers and worms alike.
The Fundamental Hacking Concept
Hacking is the art of manipulating a process in such a way that it performs an action that is useful to you.
A simple example is to look at a search engine; the program takes a query, cross references it with a database, and provides a list of results. Processing occurs on the web server itself, and by understanding the way search engines are developed and their pitfalls (such as accepting both the query string and database filename values), a hacker can attempt to manipulate the search engine to process and return sensitive files.
Many years ago, the main U.S. Pentagon, Air Force, and Navy web servers (http://www.defenselink.mil, http://www.af.mil, and
http://www.navy.mil)
were vulnerable to this very type of search engine attack. They used a
common search engine called multigate , which accepted two abusable arguments: SurfQueryString and f. The Unix password file could be accessed by
issuing a crafted URL, as shown in Figure 13-1.
High-profile military ...
Get Network Security Assessment now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
