Chapter 14. Application-Level Risks
In this chapter, I focus on application-level vulnerabilities and mitigation strategies. The effectiveness of firewalls and network segmentation mechanisms is severely impacted if vulnerabilities exist within accessible network services. In recent years, major security flaws in Unix and Windows systems have been exposed, ressulting in large numbers of Internet-based hosts being compromised by hackers and worms alike.
The Fundamental Hacking Concept
Hacking is the art of manipulating a process in such a way that it performs an action that is useful to you.
A simple example can be found in a search engine; the program takes a query, cross-references it with a database, and provides a list of results. Processing occurs on the web server itself, and by understanding the way search engines are developed and their pitfalls (such as accepting both the query string and database filename values), a hacker can attempt to manipulate the search engine to process and return sensitive files.
Many years ago, the main U.S. Pentagon, Air Force, and Navy web
servers (http://www.defenselink.mil, http://www.af.mil, and http://www.navy.mil) were vulnerable to this very type of
search engine attack. They used a common search engine called multigate, which accepted two abusable
arguments: SurfQueryString and
f. The Unix password file could be
accessed by issuing a crafted URL, as shown in Figure 14-1.
High-profile military ...
Get Network Security Assessment, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
