Security/Troubleshooting Flashcards
1
Q
ssh
A
- secure shell
- a network protocol (and client) used to connect to a remote server over an encrypted channel and run commands on it
- logs in with a password or, better, a key pair; the server's host key lets the client detect an impostor on later connections
- client built into the terminal on macOS/Linux (OpenSSH) and on recent Windows; putty is the traditional Windows alternative
2
Q
session hijacking
A
- a security attack
- attacker takes over an existing, valid session (usually by stealing the session ID cookie) in order to impersonate the user
- related attack, session fixation: the attacker sets the victim's session ID before they log in, then reuses it once the victim has authenticated
- session IDs are usually stolen by sniffing unencrypted traffic, by XSS that reads the cookie, or by gaining physical access to the computer
Solutions
- encryption (https), so the session cookie can't be sniffed
- mark the session cookie Secure and HttpOnly, regenerate the session ID on login (defeats fixation), and expire idle sessions
3
Q
public key cryptography
A
Steps
- server/website makes its public key available to the client
- client encrypts information with the server's public key
- client sends the encrypted message to the server
- server decrypts the message with its private key, which never leaves the server; anyone can encrypt, only the private key holder can decrypt
- the reverse direction (sign with the private key, verify with the public key) proves who produced a message rather than hiding it
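The four steps above, carried out with a toy textbook RSA key pair. This is an added example, not part of the original flashcards: the primes, the public exponent and the message are constructed so the numbers stay readable, and factor() shows why a modulus this small is no protection at all. Real systems use 2048-bit or larger keys with OAEP padding from a vetted library, never raw modular exponentiation like this.

```python
# Toy textbook RSA walking through the public key crypto card.
# Added example with hand-picked tiny primes; not secure, for illustration only.
from math import gcd


def make_keypair(p, q, e=17):
    """Server side: derive (public, private) from two primes p and q.
    p, q and e are constructed for the demo; real keys come from a CSPRNG."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    d = pow(e, -1, phi)          # modular inverse of e, Python 3.8+
    return (n, e), (n, d)


def encrypt(public_key, message_int):
    """Client side: anyone holding the public key can do this."""
    n, e = public_key
    if not 0 <= message_int < n:
        raise ValueError("message must be an integer smaller than the modulus")
    return pow(message_int, e, n)


def decrypt(private_key, ciphertext):
    """Server side: only the private exponent d undoes the encryption."""
    n, d = private_key
    return pow(ciphertext, d, n)


def factor(n):
    """What an attacker does to a toy modulus: brute-force its factors.
    Trivial here, infeasible for real key sizes, which is the whole point."""
    for p in range(2, int(n ** 0.5) + 1):
        if n % p == 0:
            return p, n // p
    raise ValueError("no factors found")


def demo():
    """Run the card's steps, then show the attacker recovering the private key."""
    public, private = make_keypair(61, 53)       # n = 3233, a classic toy modulus
    message = 65                                  # constructed plaintext
    ciphertext = encrypt(public, message)         # client -> server
    recovered = decrypt(private, ciphertext)      # server reads it back
    # attacker: public key alone is enough to rebuild d when n is tiny
    p, q = factor(public[0])
    _, stolen_private = make_keypair(p, q, public[1])
    return ciphertext, recovered, decrypt(stolen_private, ciphertext)


if __name__ == "__main__":
    print(demo())
```

demo() returns the ciphertext, the server's decryption, and the attacker's decryption; all three agree on the plaintext, which is the failure mode to remember when someone proposes "small" keys.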
4
Q
ssl
A
- refers to the certificates used to prove a server's identity in an https connection: a certificate binds a domain name to a public key and is signed by a certificate authority (CA)
- also refers to two security protocols: SSL (Secure Sockets Layer), now obsolete, and its successor TLS (Transport Layer Security); "SSL" is still used loosely for both
- these protocols use public key cryptography to authenticate the server and agree on a session key, then symmetric encryption for the actual data
- typically, developers obtain certificates from a trusted authority (commercial CAs sell them; Let's Encrypt issues them for free)
- individuals can create a self-signed certificate, but browsers will throw a warning when someone visits the site because it isn't verified by an authority
Steps
- Client makes a request to connect to the server (the TLS handshake)
- Server responds with its certificate, which contains its public key
- Client checks that the certificate is signed by a trusted authority, matches the hostname it asked for, and has not expired or been revoked
- If so, client and server use the public key to agree on a shared symmetric session key; old RSA key exchange did this by encrypting a secret with the server's public key, modern TLS uses ephemeral Diffie-Hellman and the server signs the exchange with its private key
- All http traffic is then encrypted with that session key; the private key never leaves the server
5
Q
same origin policy
A
- imposes restrictions on the ability of a webpage to access data from another site
- generally speaking, a script running on website A cannot read data from website B if their origins differ
- where origin consists of protocol (scheme), host, and port; the path is not part of it
- exceptions exist: a page may embed cross-origin resources (images, scripts, stylesheets, iframes) but cannot read their contents, and a server can deliberately relax the policy with CORS headers
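The origin comparison the card describes, written out so the edge cases are explicit: default ports, case-insensitive scheme and host, and the path being ignored. This is an added example and not from the original flashcards; origin(), same_origin(), classify() and the sample URLs are constructed for it.

```python
# Same origin policy: build the (scheme, host, port) tuple a browser compares.
# Added example; the function names and URLs are constructed for illustration.
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}


def origin(url):
    """Return the origin tuple for a URL. Path, query and fragment are
    deliberately dropped; a missing port means the scheme's default port."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    host = (parts.hostname or "").lower()
    port = parts.port if parts.port is not None else DEFAULT_PORTS.get(scheme)
    return (scheme, host, port)


def same_origin(page_url, resource_url):
    """True when a script on page_url may read responses from resource_url
    without any CORS relaxation."""
    return origin(page_url) == origin(resource_url)


def classify(page_url, urls):
    """Label each URL as readable (same-origin) or embed-only (cross-origin)
    from the point of view of a script running on page_url."""
    return {u: ("same-origin" if same_origin(page_url, u) else "cross-origin")
            for u in urls}


if __name__ == "__main__":
    page = "http://www.example.com/dir/page.html"
    for url, label in classify(page, [
        "http://www.example.com:80/other.html",      # explicit default port
        "HTTP://WWW.EXAMPLE.COM/dir2/x?q=1#frag",     # case and path differ only
        "https://www.example.com/dir/page.html",      # scheme differs
        "http://www.example.com:8080/dir/page.html",  # port differs
        "http://example.com/dir/page.html",           # host differs (subdomain)
    ]).items():
        print(f"{label:13} {url}")
```

Note that a subdomain is a different origin even though it shares the registrable domain; that distinction (site vs origin) is why SameSite cookies and the same origin policy draw their lines in different places.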
6
Q
sql injection
A
- a security attack
- attacker inserts malicious SQL fragments into a form field (or URL parameter, header, cookie) on the client side
- if the server concatenates that input into an SQL query string, the structure of the query changes and it yields results the developer never intended (login bypass, dumping other users' rows, modifying data)
- avoid by using parameterized queries (prepared statements): input is passed to the database as data and is never parsed as SQL
- escaping functions such as PHP's mysql_real_escape_string only quote string literals, don't help for numeric or identifier positions, and the old mysql extension they belong to has been removed from PHP; treat escaping as a weaker fallback, not the primary defence
7
Q
xss
A
- cross site scripting
- a security vulnerability
- attacker inserts a script tag (or any HTML that runs JavaScript, such as an event handler attribute) into the document
- the payload is usually supplied through a user input form field or a URL query parameter, which the server stores or reflects and later renders without escaping
Solution
- encode/escape user input for the context it is rendered in (HTML body, attribute, URL, JavaScript); a Content-Security-Policy header limits the damage when escaping is missed
8
Q
csrf
A
- cross-site request forgery
- a website attack
- uses the fact that the browser automatically attaches the user's authentication cookie to every request to a site, and tricks the user into performing a privileged, detrimental action without realising it
Example/Steps
- a user is logged into website A (ex: a bank) and authenticated using a cookie
- elsewhere, an attacker crafts a request to website A with parameters for the behaviour they want (ex: transfer money to the attacker's account), as a link, an image tag, or an auto-submitting form on a page they control
- attacker exposes the user to that page or link; the user's browser sends the request with the cookie attached, unwittingly performing the action the attacker wants
Solution
- Use a server-generated, per-session (or one-time) token embedded in every form and checked on every state-changing request; the attacker's page can't read it because of the same origin policy
- Use a captcha on sensitive actions (adds friction rather than a real check)
- Check the Origin header (or the Referer header, spelled that way in HTTP), which indicates which site the request came from
- the request's origin should match the site's own origin; reject the request if it doesn't or if both headers are absent
- Set the session cookie with SameSite=Lax or Strict so browsers don't attach it to cross-site requests in the first place
9
Q
A
10
Q
curl
A
- command line tool used to transfer data using different web protocols
- useful for testing RESTful APIs, amongst other things
- curl -I example.com
- sends a HEAD request and prints only the response headers (status line, Content-Type, Set-Cookie, redirects)
- curl -v example.com shows the request headers, the response headers and the body, which is usually what you want when debugging an API call
11
Q
telnet
A
- an internet protocol (and client) for a remote command line session, the predecessor of ssh
- everything, including the password, crosses the network in plaintext, so ssh replaced it for remote administration
- still useful for troubleshooting: telnet host 80 opens a raw TCP connection, so you can type an HTTP request by hand and read the raw response headers, or simply confirm that a port is reachable
12
Q
A
13
Q
dns
vulnerability
A
- attacker tampers with name resolution (poisoning a resolver's cache, spoofing responses on the local network, or editing the machine's hosts file) and redirects the client to a malicious site when they try to access a normal one
- https limits the damage: the attacker's server can't present a valid certificate for the real domain, so the browser warns; DNSSEC lets resolvers verify that responses are authentic
14
Q
troubleshooting tools
A
- telnet
- good for opening a raw connection to a port and checking response headers by hand
- curl
- good for API checking (status codes, headers, request bodies)
- dev tools
- network tab: check HTTP request and response headers, cookies
- waterfalls, to see which request is slow or failing
15
Q
xss
A
- cross-site scripting
- a security vulnerability
- attacker inserts a tag carrying malicious JavaScript somewhere in the page
- usually via a user input field or a URL query parameter that the page echoes back unescaped
Solution
- escape/encode all user input on the server side, for the context it is rendered in
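The reflected XSS from cards 7 and 15 and the context-specific escaping both cards recommend, shown on three render contexts. This is an added example, not from the original flashcards; the render_* functions, safe_href() and the three payloads are constructed for it, and the URL case goes beyond the cards by showing where escaping alone is not enough.

```python
# Reflected XSS: vulnerable rendering beside escaped rendering per context.
# Added example; function names and payloads are constructed for illustration.
import html
from urllib.parse import urlsplit

# Constructed payloads of the kind the cards describe
SCRIPT_PAYLOAD = "<script>alert(document.cookie)</script>"  # HTML body context
ATTR_PAYLOAD = '" onmouseover="alert(1)'                    # attribute context
URL_PAYLOAD = "javascript:alert(1)"                          # href context


def render_vulnerable(name):
    """Reflects a query parameter straight into the HTML body."""
    return f"<p>Hello, {name}!</p>"


def render_body(name):
    """HTML body context: escape < > & \" ' so no markup can be injected."""
    return f"<p>Hello, {html.escape(name)}!</p>"


def render_attr_vulnerable(value):
    """Attribute context without escaping: a quote in the input opens a new
    attribute, and an event handler runs JavaScript with no <script> tag."""
    return f'<input name="q" value="{value}">'


def render_attr(value):
    """Attribute context: always quote the attribute AND escape quotes."""
    return f'<input name="q" value="{html.escape(value, quote=True)}">'


def safe_href(url):
    """URL context: escaping is not enough because 'javascript:' is still a
    valid URL. Allow only http(s) schemes; everything else becomes inert."""
    scheme = urlsplit(url).scheme.lower()
    if scheme not in ("http", "https"):
        return "#"
    return html.escape(url, quote=True)


if __name__ == "__main__":
    print(render_vulnerable(SCRIPT_PAYLOAD))
    print(render_body(SCRIPT_PAYLOAD))
    print(render_attr_vulnerable(ATTR_PAYLOAD))
    print(render_attr(ATTR_PAYLOAD))
    print(f'<a href="{safe_href(URL_PAYLOAD)}">profile</a>')
```

html.escape() covers the body and quoted-attribute contexts; unquoted attributes, inline JavaScript and CSS each need their own encoder, which is why template engines with auto-escaping and a Content-Security-Policy are the practical answer rather than hand-escaping every output.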