9. Disclose your vulnerabilities
Posted on 12 May 2008 at 15:07
IT security revolves around the concept of vulnerability: the attacker wants to find and exploit it, while your aim is to ensure that it doesn't exist. Unfortunately, while finding a vulnerability is often child's play, proving that none exists is harder than it may seem. As Lawson explains: "All software has faults; this is an immutable fact about code written by humans. It's critically important that computer systems are kept up to date, as the updates fix the bugs that could lead to a compromise by a hacker. Microsoft has made this incredibly easy with the Automatic Updates tool. Ensure this tool is running to download updates automatically. Corporate environments should test all updates prior to deployment to ensure the update doesn't affect business functions."
The Microsoft Baseline Security Analyzer (www.microsoft.com/technet/security/tools/mbsahome.mspx) is another easy-to-use tool designed for the IT professional that can help small and medium-sized businesses to determine their security state in accordance with Microsoft security recommendations.
But what about when you move away from your computer and the vulnerabilities of the OS, and look towards your website instead? Fogerty recommends two distinct approaches: web-server and web-application testing. "With web-server testing you're testing the underlying web server (IIS, Apache) to make sure it's patched and in a hardened configuration. Run free tools like Nikto or Nessus to check for vulnerabilities," he says. Nikto is a scanner aimed specifically at web servers (outdated versions, dangerous default files, misconfigurations), while Nessus is a general network vulnerability scanner; both are available to members of Hackerwhacker, as mentioned earlier.
"With web-app testing, you are looking at the application that sits on the web server. This is usually a custom application and could be susceptible to SQL Injection, Cross Site Scripting (XSS) and Cross Site Request Forgery (CSRF) vulnerabilities if the developers have not used 'defensive programming'; that is, not validating input from the client before acting on it," Fogerty adds. "There are plenty of free web-app testing proxy tools that act as a middle-man between the client and server. You can then insert 'malicious' data into the HTTP stream to see if the web app fails to deal with it." Try Achilles (www.mavensecurity.com/achilles), Burp (www.portswigger.net/proxy) or Paros (www.parosproxy.org/download.shtml) for starters.
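The kind of test Fogerty describes, reduced to a self-contained script: this is an added example, not code from the article or from any of the tools it names. It stands in for a custom web app with two handlers written the vulnerable way (client input pasted straight into SQL and HTML, and a form handler that accepts any POST) beside their hardened counterparts (parameterised query, output escaping, CSRF token comparison), then feeds each the sort of "malicious" data you would inject through a testing proxy. The users table, the payloads and the session values are constructed for the example.

```python
# Added example, not from the PC Pro article: a miniature web app with
# vulnerable and hardened handlers, probed with injected client input.
import html
import secrets
import sqlite3


def make_db():
    """Constructed sample data: an in-memory users table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "s3cret"), ("bob", "hunter2")])
    return conn


# --- SQL injection: string-built query versus parameterised query ---

def login_vulnerable(conn, username, password):
    # Client input is concatenated into the SQL text; a quote in the
    # password field changes the query's structure.
    query = ("SELECT username FROM users WHERE username = '%s' "
             "AND password = '%s'" % (username, password))
    row = conn.execute(query).fetchone()
    return row[0] if row else None


def login_hardened(conn, username, password):
    # Bound parameters: the driver keeps data separate from SQL syntax,
    # so the same payload is just a string that matches no password.
    row = conn.execute(
        "SELECT username FROM users WHERE username = ? AND password = ?",
        (username, password)).fetchone()
    return row[0] if row else None


# --- Cross-site scripting: raw reflection versus escaped output ---

def greet_vulnerable(name):
    # Reflects the client-supplied name straight into the HTML response.
    return "<p>Hello, %s</p>" % name


def greet_hardened(name):
    # Escapes < > & and quotes so the browser renders text, not markup.
    return "<p>Hello, %s</p>" % html.escape(name, quote=True)


# --- CSRF: any POST accepted versus per-session token required ---

def transfer_vulnerable(session, form):
    # Acts on the form as long as the user is logged in; a forged
    # cross-site POST carries the victim's cookies and is accepted.
    return session.get("user") is not None


def transfer_hardened(session, form):
    # Requires a token only the genuine page could have embedded in the
    # form; constant-time compare avoids leaking it byte by byte.
    expected = session.get("csrf_token", "")
    supplied = form.get("csrf_token", "")
    return (session.get("user") is not None
            and bool(expected)
            and secrets.compare_digest(expected, supplied))


# Constructed payloads of the kind you would inject through a proxy.
SQLI_PAYLOAD = "' OR '1'='1"
XSS_PAYLOAD = "<script>alert(1)</script>"


def run_checks():
    """Probe every handler; True/non-None for the vulnerable ones means
    the app failed to deal with the injected data."""
    conn = make_db()
    session = {"user": "alice", "csrf_token": secrets.token_hex(16)}
    forged_form = {"amount": "1000"}          # no token: cross-site POST
    return {
        "sqli_vulnerable": login_vulnerable(conn, "alice", SQLI_PAYLOAD),
        "sqli_hardened": login_hardened(conn, "alice", SQLI_PAYLOAD),
        "xss_vulnerable": "<script>" in greet_vulnerable(XSS_PAYLOAD),
        "xss_hardened": "<script>" in greet_hardened(XSS_PAYLOAD),
        "csrf_vulnerable": transfer_vulnerable(session, forged_form),
        "csrf_hardened": transfer_hardened(session, forged_form),
    }


if __name__ == "__main__":
    for check, outcome in run_checks().items():
        print("%-16s %s" % (check, outcome))
```

The vulnerable login returns a username for a password of `' OR '1'='1` because the injected quote closes the string literal and the trailing `OR` makes the WHERE clause true for every row; the parameterised version returns nothing. The same pattern applies to any field a proxy lets you tamper with: headers, cookies and hidden form fields are client input too, and the hardened handlers validate or escape them the same way.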
Author: Davey Winder

Printed from www.pcpro.co.uk
