Printed from www.pcpro.co.uk
9. Disclose your vulnerabilities
Posted on 12 May 2008 at 15:07
IT security revolves around the concept of vulnerability: the attacker wants to find and exploit it, while your aim is to ensure that it doesn't exist. Unfortunately, while the former is child's play, the latter is harder than it may seem. As Lawson explains: "All software has faults; this is an immutable fact about code written by humans. It's critically important computer systems are kept up to date, as the updates fix the bugs that could lead to a compromise by a hacker. Microsoft has made this incredibly easy with the Automatic Updates tool. Ensure this tool is running to download updates automatically. Corporate environments should test all updates prior to deployment to ensure the update doesn't affect business functions."
The Microsoft Baseline Security Analyzer (www.microsoft.com/technet/security/tools/mbsahome.mspx) is another easy-to-use tool designed for the IT professional that can help small and medium-sized businesses to determine their security state in accordance with Microsoft security recommendations.
But what about when you move away from your computer and the vulnerabilities of the OS, and look towards your website instead? Fogerty recommends two distinct approaches: web-server and web-application testing. "With web-server testing you're testing the underlying web server (IIS, Apache) to make sure it's patched and in a hardened configuration. Run free tools like Nikto or Nessus to check for vulnerabilities," he says. Both are available to members of Hackerwhacker as mentioned earlier.
"With web-app testing, you are looking at the application that sits on the web server. This is usually a custom application and could be susceptible to SQL Injection, Cross Site Scripting (XSS) and Cross Site Request Forgery (CSRF) vulnerabilities if the developers have not used 'defensive programming'; that is, not validating input from the client before acting on it," Fogerty adds. "There are plenty of free web-app testing proxy tools that act as a middle-man between the client and server. You can then insert 'malicious' data into the HTTP stream to see if the web app fails to deal with it." Try Achilles (www.mavensecurity.com/achilles), Burp (www.portswigger.net/proxy) or Paros (www.parosproxy.org/download.shtml) for starters.
Author: Davey Winder
advertisement
- £90 million buys South Yorkshire 25Mbits/sec broadband
- Twitter ready to splash out... and run ads
- LogMeIn Express offers fuss-free screen sharing
- Kindle calms customers with library update
- Photoshop app arrives on Android
- Google: we won't remove "disturbing" Obama image
- Internet Explorer hit by zero-day misery
- Sky Player shows up in Windows 7
- Tweetlevel reveals most influential Twitterers
- Apple "refuses to repair smokers' Macs"
- Need a bit of extra Christmas cash? Grass up your boss, says BSA
- Photoshop Mobile on Android review: first look
- ATI Radeon HD 5970: 42% more expensive in the UK
- Office 2010 Beta – 32-bit or 64-bit – The Choice is Clear
- Why Britain's watchdogs have fewer teeth than goldfish
- Tabbed documents: how to make Office 2010 great
- Outlook 2010 People Pane – does it spell death to Xobni
- Microsoft Outlook 2010 screenshots
- Co-Authoring in Word 2010 and SharePoint Foundation 2010
- Microsoft Outlook 2010 screenshots: Backstage view
- Getting to grips with Microsoft's IT Health Environment Scanner
- Virtualise your servers
- The changing face of travel gadgets
- Build your own distributed file system
- The bulletproof Dell that costs an arm and a leg
- Microsoft Office 2010 Technical Preview: Q&A
- Lawnmowers, the TyTN II and one odd insurance request
- There'll never be a bulletproof OS
- How far can we trust apps?
- Five nice touches in Outlook 2010
advertisement
