This document discusses website attacks and defenses against them. It describes common attack methods like SQL injection that target vulnerabilities in website databases. The document outlines different types of attacks, including passive and active attacks, and defenses against each. Specifically, it discusses controls for denial of service attacks, including firewalls and filtering spoofed packets. It also details SQL injection sources, types, and prevention techniques to safeguard websites through secure coding practices and detection systems.
2. What is website defacement?
It is the work of system crackers.
What are system crackers?
-black hats, white hats
“SQL Injection” is the most common method
Harmless defacement/uploading malware
Second method by FTP
3. What do you mean by “ATTACKS”?
Types:
1. Passive:
-Read only attack
-silent in nature
-difficult to detect
2. Active:
-Data alteration or disruption
-widely used technique (IP masquerading)
-Denial of service (DoS)
-Ping of death
4. CONTROL MEASURES
For Ping of death attack:
Prohibit creation of ICMP packets of invalid size
For Denial of Service attack:
Firewalls and routers at network boundaries can use filters to prevent spoofed packets from leaving the network
Filter incoming packets with a broadcast address
Turning off direct broadcasts on all internal routers
Block known private IP addresses being used as destination IP (e.g., 10.0.0.0, 172.16.24.0, 192.168.0.0, 224.0.0.0, 127.0.0.1)
5. Web server - hardware and software
Common use - hosting a website
Other uses - gaming, data storage, running enterprise applications
What is “SQL Injection”?
6. SOURCES OF SQL INJECTION
Injection through user input
-Malicious strings in web forms
Injection through cookies
-Modified cookie fields contain attack strings
Injection through server variables
-Headers are manipulated to contain attack strings
Second order injection
-Trojan horse input seems fine until used in a certain situation
7. TYPES OF SQL INJECTIONS
Piggy backed queries
Tautologies
Alternate encodings
Inference
Illegal/logically incorrect queries
Union query
Stored procedures
8. COUNTER MEASURES
Prevention
Augment code
Detect vulnerabilities in code
Safe libraries
Detection
Detect attacks at runtime
9. PREVENTION TECHNIQUES
Penetration technique
Defensive coding best practices
Static analysis of code
Safe development libraries
Proxy filters
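Added example (not part of the original slides): the injection sources from slide 6, including second order injection, all reaching one query, built first by string concatenation and then with a placeholder as a defensive coding practice. The table names, function names and the sample tautology string are constructed for illustration.

```python
import sqlite3

TAUTOLOGY = "x' OR '1'='1"  # constructed sample input (tautology type)

def make_db():
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE users (name TEXT, role TEXT);
        CREATE TABLE prefs (owner TEXT, favourite TEXT);
        INSERT INTO users VALUES ('alice', 'admin'), ('bob', 'user');
    """)
    return db

def find_user_concat(db, name):
    # Weak: the value is spliced into the SQL text, so quotes inside it
    # become part of the query and the WHERE clause is always true.
    sql = "SELECT name FROM users WHERE name = '" + name + "'"
    return db.execute(sql).fetchall()

def find_user_param(db, name):
    # Hardened: the placeholder keeps the value as data, never as SQL.
    return db.execute("SELECT name FROM users WHERE name = ?", (name,)).fetchall()

def save_pref(db, owner, favourite):
    # Stored with a placeholder, so the write itself is safe.
    db.execute("INSERT INTO prefs VALUES (?, ?)", (owner, favourite))

def favourite_user(db, owner, lookup):
    # Second order: the value now comes from the database, not the request,
    # but it is still untrusted when it reaches the next query.
    row = db.execute("SELECT favourite FROM prefs WHERE owner = ?", (owner,)).fetchone()
    return lookup(db, row[0])

def demo():
    """Return {source: (rows via concatenation, rows via placeholder)}."""
    db = make_db()
    # Form field, cookie and header are all just strings from the client.
    request = {"form": TAUTOLOGY, "cookie": TAUTOLOGY, "header": TAUTOLOGY}
    results = {src: (len(find_user_concat(db, val)), len(find_user_param(db, val)))
               for src, val in request.items()}
    save_pref(db, "bob", TAUTOLOGY)
    results["second_order"] = (len(favourite_user(db, "bob", find_user_concat)),
                               len(favourite_user(db, "bob", find_user_param)))
    return results

if __name__ == "__main__":
    print(demo())
```

The concatenated query returns every row for each source, while the placeholder version returns none, which is why stored values need the same treatment as request values.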
10. CONCLUSIONS
SQLIAs have:
Many sources
Many goals
Many types
Detection techniques can be effective, but limited by lack of automation
Prevention technique can be very effective, but should move away from developer defence