3 - Secure data management Flashcards
States of data
- At rest
- In transit
- In Use
Database vulnerabilities
- Misconfiguration
- Lack of training
- Buffer overflows
- Forgotten Options
- Unused stored procedures
- Service account privilege issues (minimum)
- Weak or poor authentication methods enabled
- No or limited auditing
- Lack of input validation etc
Buffer overflows
Crashing server by storing big thing in small place
Forgotten options
Weak documentation/redundancy of staff etc
Error log
Store any errors that occur
Access Log
Store any attempts to access the system
Lack of input validation
Sanitise data in input fields before saving. Never trust the user.
Passive Threats
Threat to confidentiality
- Unauthorised person may listen to sensitive comms
Active Threats
Threats to integrity
- Unauthorised person may alter/delete information
Cryptanalysis
- Hacker tries to work out what encrypted information means
Apps for locating databases on the network
- SQLPing 3.0
- SQLRecon
Denial of Service
Intended to make data server unavailable/unable to respond to requests.
Distributed DoS
Uses lots of systems to conduct a Denial of Service attack
SQL Injection
Exploit “holes” in a Web application to run rogue SQL commands.
Done by placing special characters into existing SQL commands to achieve desired results.
Avoiding SQL Injection
- Validating user input
- Input sanitisation
- Hashing & encrypting data
- Execute only with an account with least privilege
- Avoid error messages containing valuable data
Backdoor
Runs in a hidden process to give attacker port to connect to this system.
- Can do basically everything, especially with admin privileges.
Ransomware
Locks up a PC etc for a price.
Cloud Computing Security Issues
ARL
- Availability (must be available)
- Reliability
- Loss of control
Misconfiguration Risks
- Steal server info
- Run scripts
- Execute remotely
- Enumerate servers
- Denial of service
Network based risks
- Attacker capturing network traffic etc
Client Side risks
- Risks that affect the user’s system directly
Key
bigger key = better, 1025bit min
Symmetric Encryption
Shared key - one key
Relies on secrecy of key
Asymmetric Encryption
Public key encryption - two keys