Aug 10 2010

Episode 81: Web Security Overview Pt. 2


XSS, CSRF, user input sanitization oh my!

News/Follow-Ups – 00:51

Google Wave is no longer

Geek Tools – 05:26

Peel and Stick Whiteboard

Web Apps – 07:10

Sipgate - http://sipgate.com/ – SIP phone service for your team

Web Security Overview – 15:29

Episode 80: Web Security Overview Pt. 1

  • Typical Attacks
    • Client-side manipulation
      • HTTP is stateless, so to maintain state across requests, tokens are usually sent to the client and echoed back to the server
      • Eg. Price of a product in a hidden form field
      • Bottom line, all validations should be made on the server side
  • SQL Injection
  • Cross-Site Scripting (XSS)
    • Second most common vulnerability
    • roughly 80% of all security vulnerabilities documented by Symantec as of 2007
    • Client-side vectors: anything the browser will execute or render
      • Javascript
      • Java
      • Activex
      • Flash
      • VBScript
      • Or even HTML ( think iframe )
    • What can you do about it?
      • Sanitize user input, and encode output for the context it is inserted into (HTML body, attribute, JavaScript, URL)
      • Tie session cookies to a specific IP address (only a partial mitigation: users behind NAT or on mobile networks can change address mid-session)
      • Modern browsers (IE6 SP1+, Firefox 2.0.0.5+, Safari 4, and Chrome) support a cookie flag called HttpOnly which makes the cookie unavailable to client-side scripts; this limits cookie theft via XSS but does not stop an injected script from sending requests as the user.
  • Cross-Site Request Forgery (CSRF)
    • AKA session riding or one-click attack (not the same as session hijacking, which steals the session token itself)
    • Forces a logged-in victim's browser to send an HTTP request to the server; the browser attaches the victim's cookies, so the server treats it as the victim's own action
    • Most common way to prevent this
      • Requiring a secret, per-session (or per-user) token in all form submissions and side-effect URLs prevents CSRF: the attacker's site can't read the token, so it can't put the right one in its forged submissions.
      • This is done in most modern web-frameworks
  • Password Security
  • Tools to test your site for vulnerabilities
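The three defenses from the overview (look the price up server-side instead of trusting a hidden field, HTML-encode anything echoed back, and require a per-session CSRF token on state-changing posts, with the session cookie flagged HttpOnly) applied to one small checkout handler. This is an added example written for these notes, not code from the episode or any framework; the catalog, session store, form field names and the handler's return shape are assumptions for illustration.

```python
import hmac
import html
import secrets

# Constructed server-side catalog (prices in cents). The price lives here;
# the client never gets to tell us what it costs.
CATALOG = {"widget": 1999, "gadget": 4999}

# Constructed in-memory session store: session id -> session data.
SESSIONS = {}


def issue_session():
    """Create a session and return (session_id, csrf_token, Set-Cookie header value).

    The CSRF token is bound to the session so an attacker's site, which
    cannot read our cookie or our pages, cannot learn it.
    """
    sid = secrets.token_hex(16)
    csrf = secrets.token_hex(16)
    SESSIONS[sid] = {"csrf": csrf}
    # HttpOnly: document.cookie can't read it; Secure: only over TLS.
    # SameSite is newer than the browsers the episode mentions, but a
    # modern deployment would add it as a second CSRF layer.
    set_cookie = f"session={sid}; HttpOnly; Secure; SameSite=Lax; Path=/"
    return sid, csrf, set_cookie


def render_checkout_form(csrf_token):
    """Form served to the user: the token is a hidden field, the price is not."""
    return (
        '<form method="post" action="/checkout">'
        f'<input type="hidden" name="csrf_token" value="{html.escape(csrf_token)}">'
        '<input name="item"><input name="qty"><input name="note">'
        "<button>Buy</button></form>"
    )


def handle_checkout(cookies, form):
    """Process POST /checkout. cookies and form are dicts of str -> str.

    Returns (http_status, html_body). Assumed shape for the example.
    """
    session = SESSIONS.get(cookies.get("session", ""))
    if session is None:
        return 401, "<p>not logged in</p>"

    # CSRF check: the token in the body must match the one bound to the
    # session. Constant-time compare on bytes so odd input can't raise.
    token = form.get("csrf_token", "")
    if not hmac.compare_digest(token.encode(), session["csrf"].encode()):
        return 403, "<p>missing or invalid CSRF token</p>"

    # Client-side manipulation: any "price" field the client sent is ignored;
    # the item name is validated against the catalog and the price looked up.
    item = form.get("item", "")
    if item not in CATALOG:
        return 400, "<p>unknown item</p>"
    try:
        qty = int(form.get("qty", ""))
    except ValueError:
        return 400, "<p>bad quantity</p>"
    if not 1 <= qty <= 100:
        return 400, "<p>bad quantity</p>"
    total = CATALOG[item] * qty

    # XSS: everything echoed back is encoded for the HTML body context.
    safe_note = html.escape(form.get("note", ""), quote=True)
    body = (
        f"<p>Ordered {qty} x {html.escape(item)} for {total} cents. "
        f"Note: {safe_note}</p>"
    )
    return 200, body


if __name__ == "__main__":
    sid, csrf, cookie_header = issue_session()
    print("Set-Cookie:", cookie_header)
    print(render_checkout_form(csrf))
    # Legitimate post that also tries to tamper with a price and inject script.
    print(handle_checkout({"session": sid}, {
        "csrf_token": csrf, "item": "widget", "qty": "2",
        "price": "1", "note": "<script>alert(1)</script>",
    }))
    # Forged cross-site post: the browser sends the cookie, but the attacker's
    # page could not include the token, so it is rejected.
    print(handle_checkout({"session": sid}, {"item": "gadget", "qty": "1"}))
```

The forged request in the last call is exactly the CSRF scenario from the notes: the cookie rides along automatically, the token does not. Note that the token protects only because it is never exposed to another origin; an XSS hole on the same site lets an injected script read the form and defeats this check, which is why the two defenses are listed together.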