Internet Security Whitepapers

Web Application Security - Buffer Overflows

Category: Buffer Overflows

Buffer overflows occur when a program writes more data into a buffer than the buffer was allocated to hold. In other words, the programmer, who is responsible for managing memory correctly, made a common error. It does not take much of an overflow to compromise a system: as little as one byte written past the end of a buffer can cause a security incident. Worse, buffer overflow vulnerabilities remain among the most popular targets of criminal hackers.

Web Application Security: The Overlooked Vulnerabilities

Category: Web Application Vulnerabilities

Are you adequately protecting the web applications that your business depends on? Software flaws are rapidly becoming the vulnerabilities of choice for attackers determined to exploit mission-critical systems. However, it isn't just vulnerabilities in the web applications themselves that organizations need to be concerned about. Vulnerabilities across the entire enterprise application stack that forms the foundation for web applications, including web and application servers, databases and operating systems, also need to be addressed. Publicity around breaches and regulatory pressures are pushing web application security further into the spotlight. Traditional approaches to web application security, including web application firewalls and web security modules, can be costly and complex, and do not ultimately protect the entire application stack. Host-based intrusion defense with deep packet inspection is a newer approach that addresses the need of organizations to shield vulnerabilities across the entire application stack.

Web Application Vulnerabilities and Avoiding Application Exposure

Category: Web Application Vulnerabilities

The introduction of BIG-IP® Application Security Manager (ASM) version 9.4.2 marks a major step forward. BIG-IP ASM now offers more features that are easier to use than in prior versions, enabling more granular inspection and policy specification and helping to maintain its position at the vanguard of Web Application Firewalls (WAFs). In truth, BIG-IP ASM version 9.4.2 is more than just a WAF. This version of BIG-IP ASM moves toward the concept of Application Delivery Security, enabling any back-end application, not just the traditional web applications that most WAFs currently cover, to benefit from its protection. Much like the other products in the BIG-IP line, BIG-IP ASM is part of an end-to-end strategy that integrates security into a high-performance application delivery structure. Security is not about the way communication occurs with the client; it is about the data that goes to the client.

Web Services Enumeration and Profiling

Category: Enumeration

Web services hacking begins with the Web Services Description Language, or WSDL. A WSDL file is a major source of information for an attacker: examining a WSDL description yields critical details such as the exposed methods and their input and output parameters. It is important to understand the structure of a WSDL file, since that structure is what allows one to enumerate the web services it describes. The outcome of this process is a web services profile, or matrix. The scope of this paper is restricted to understanding this process. Once the profile is built, attack vectors for the web services can be defined; the attack vectors themselves will be covered in the next paper.
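As an added example (not code from the paper above), the following Python script walks a WSDL document the way the enumeration step describes: it collects the messages, resolves each portType operation to its input and output parts, pulls the SOAPAction from the binding and the endpoint URL from the service, and emits the resulting profile matrix. The WSDL it parses is a constructed sample for a hypothetical "QuoteService" at an invalid host; the element and type names in it are assumptions chosen for illustration, as are the function names below.

```python
import xml.etree.ElementTree as ET

# Constructed sample WSDL for a hypothetical "QuoteService"; not taken from any
# real service. rpc-style, so message parts carry type= rather than element=.
SAMPLE_WSDL = """<definitions name="QuoteService"
    targetNamespace="http://example.invalid/quote"
    xmlns="http://schemas.xmlsoap.org/wsdl/"
    xmlns:tns="http://example.invalid/quote"
    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
    xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/">
  <message name="getQuoteRequest">
    <part name="symbol" type="xsd:string"/>
  </message>
  <message name="getQuoteResponse">
    <part name="price" type="xsd:float"/>
  </message>
  <message name="placeOrderRequest">
    <part name="symbol" type="xsd:string"/>
    <part name="quantity" type="xsd:int"/>
    <part name="account" type="xsd:string"/>
  </message>
  <message name="placeOrderResponse">
    <part name="orderId" type="xsd:string"/>
  </message>
  <portType name="QuotePortType">
    <operation name="getQuote">
      <input message="tns:getQuoteRequest"/>
      <output message="tns:getQuoteResponse"/>
    </operation>
    <operation name="placeOrder">
      <input message="tns:placeOrderRequest"/>
      <output message="tns:placeOrderResponse"/>
    </operation>
  </portType>
  <binding name="QuoteBinding" type="tns:QuotePortType">
    <soap:binding style="rpc" transport="http://schemas.xmlsoap.org/soap/http"/>
    <operation name="getQuote"><soap:operation soapAction="urn:getQuote"/></operation>
    <operation name="placeOrder"><soap:operation soapAction="urn:placeOrder"/></operation>
  </binding>
  <service name="QuoteService">
    <port name="QuotePort" binding="tns:QuoteBinding">
      <soap:address location="http://example.invalid/soap/quote"/>
    </port>
  </service>
</definitions>
"""

WSDL_NS = "{http://schemas.xmlsoap.org/wsdl/}"
SOAP_NS = "{http://schemas.xmlsoap.org/wsdl/soap/}"


def local_name(qname):
    """Strip a namespace prefix: 'tns:getQuoteRequest' -> 'getQuoteRequest'."""
    return qname.rsplit(":", 1)[-1]


def profile_wsdl(wsdl_text):
    """Build the web services profile: one row per operation with its input and
    output parameters as (name, XSD type), the SOAPAction, and the endpoints."""
    root = ET.fromstring(wsdl_text)

    # <message> elements hold the parameter lists that operations reference.
    messages = {}
    for msg in root.findall(WSDL_NS + "message"):
        parts = []
        for part in msg.findall(WSDL_NS + "part"):
            # rpc-style parts use type=; document-style parts use element=
            parts.append((part.get("name"), local_name(part.get("type") or part.get("element") or "?")))
        messages[msg.get("name")] = parts

    # <binding> records the SOAPAction header the server dispatches on.
    soap_actions = {}
    for binding in root.findall(WSDL_NS + "binding"):
        for op in binding.findall(WSDL_NS + "operation"):
            soap_op = op.find(SOAP_NS + "operation")
            if soap_op is not None:
                soap_actions[op.get("name")] = soap_op.get("soapAction")

    # <service>/<port>/<soap:address> gives the URLs requests are sent to.
    endpoints = [addr.get("location") for addr in root.iter(SOAP_NS + "address")]

    # <portType> lists the operations and ties each to its request/response messages.
    profile = []
    for port_type in root.findall(WSDL_NS + "portType"):
        for op in port_type.findall(WSDL_NS + "operation"):
            name = op.get("name")
            inp = op.find(WSDL_NS + "input")
            out = op.find(WSDL_NS + "output")
            profile.append({
                "operation": name,
                "inputs": messages.get(local_name(inp.get("message")), []) if inp is not None else [],
                "outputs": messages.get(local_name(out.get("message")), []) if out is not None else [],
                "soapAction": soap_actions.get(name),
                "endpoints": endpoints,
            })
    return profile


def format_matrix(profile):
    """Render the profile as a text matrix, one operation per line."""
    lines = []
    for row in profile:
        ins = ", ".join(f"{n}:{t}" for n, t in row["inputs"]) or "-"
        outs = ", ".join(f"{n}:{t}" for n, t in row["outputs"]) or "-"
        lines.append(f"{row['operation']:<12} in[{ins}]  out[{outs}]  action={row['soapAction']}")
    return "\n".join(lines)


if __name__ == "__main__":
    prof = profile_wsdl(SAMPLE_WSDL)
    print("endpoints:", ", ".join(prof[0]["endpoints"]) if prof else "-")
    print(format_matrix(prof))
```

The matrix is the starting point for the next step the paper defers: each row names an endpoint, an action and a typed parameter list, which is exactly what is needed to craft requests that probe each parameter individually. On a real WSDL fetched with a `?WSDL` query, the same code applies; only the namespace prefixes and the rpc/document style may differ, which the part handling above already accommodates.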

Web Spam Taxonomy

Category: Spamming

Web spamming refers to actions intended to mislead search engines into ranking some pages higher than they deserve. Recently, the amount of web spam has increased dramatically, leading to a degradation of search results. This paper presents a comprehensive taxonomy of current spamming techniques, which we believe can help in developing appropriate countermeasures.

Why Phishing Works

Category: Phishing

What makes a web site credible? This question has been addressed extensively by researchers in computer-human interaction. This paper examines a twist on it: what makes a bogus web site credible? In the last two years, Internet users have seen the rapid expansion of a scourge on the Internet: phishing, the practice of directing users to fraudulent web sites. This twist raises fascinating questions for user interface designers, because phishers and anti-phishers do battle in user interface space. Successful phishers must not only present a high-credibility web presence to their victims; they must create a presence so convincing that it causes the victim to overlook the security measures built into web browsers.

WIDZ - The Wireless Intrusion Detection System

Category: Hacking Wireless Networks

WIDZ version 1 is a proof of concept. It is not up to the standards of (and was never intended to be) great software packages like Snort etc. that you might find on FreshMeat and SourceForge. Even given this, the code was very late, as its development has been bogged down by a series of trials, some technical, some managerial. For this I apologise, but it's understandably hard to make time for "home time" development projects when the department that it took you ten years to build up has become a pawn in your boss's power games (well, boo hoo, pull yourself together, man). Nonetheless, WIDZ had some very fresh ideas when it was conceived. We started by inventorising the network; then we studied our own wireless pentests and forensic reviews to establish what is attacked, and how.

Wireless Access Points and ARP Poisoning

Category: Hacking Wireless Networks

Wireless networks, specifically 802.11b, have received a tremendous amount of interest and scrutiny from the security community over the past few months. The security community agrees that wireless networks introduce a new point of entry into previously closed wired networks and must thus be treated as an untrusted source, just like the Internet. Standard technologies enable wireless client machines to connect to a local area network made up of other wireless hosts. For wireless networking to be most useful, the wireless networks must pass data on to standard wired networks connected to the Internet. This paper describes the application of a well understood class of attacks on wired networks to the emerging mix of wired and wireless networking equipment.

Writing Secure Software

Category: Exploit Writing Techniques

It's often claimed that the biggest problem with security is that practitioners are unclear as to what the problem is. In summary, it's insecure computer software. The best network firewall provides only minimal defense if it permits access to unreliable software. Moreover, any firewall (either appliance or program) is written in software. Similarly, the strongest encryption algorithms may only permit attackers to securely communicate with insecure software.

Yahoo!'s Sign-in Seal and Current Anti-Phishing Solutions

Category: Hacking Email Accounts

Yahoo! Sign-in Seal is a feature that allows users to personalize the sign-in page with an image of their choice. Unlike SiteKey, the personalization is tied to the browser/computer and not to a specific user account. This is a critical distinction that gives the two solutions quite different properties. Yahoo! users may be phished for their username and password so that a phisher can look for valuable information in their account. To help protect Yahoo! users and combat phishing, Yahoo! developed Sign-in Seal.