Week 3 Flashcards
Outline the main components of a typical Internet commerce server.
The main components of a typical Internet commerce server are:
- Operating system - the foundation for all servers and interface software.
- Front end server - includes web server, mail server, FTP server, news server for newsgroups, remote login server, etc.
- Back end server - includes database server that enables files to be shared across users. Internet users can access back end databases (e.g., product specification, price, product search) through interface software.
- Interface software - e.g., Common Gateway Interface (CGI) script used to provide interactivity between web clients and merchant’s business data.
What are the differences between passive attack and active attack?
Passive attack: Observe only: A passive attack is an attack on a system that does not result in a change to the system in any way. The attack is to purely monitor or record data. Examples of passive attacks are eavesdropping and traffic analysis.
Active attack: Modify or create messages or data in order to deceive, defraud or cause damage, for example by forging a message, modifying a message, replaying a previous message, hijacking a session, and so on.
Describe three ways in which e-commerce servers may be vulnerable to attack
- Denial of service - a client floods a network by sending millions of requests to the web server, which leaves the web server unable to respond to any legitimate request. This attack eats up the web server's resources and hence cripples the server's ability to respond to any client’s request.
- Software holes – No software can be guaranteed to be bug free. Some of these bugs can be exploited by hackers to prevent the server from performing its function. In particular, flaws in system programs potentially provide holes in the system.
- Malicious execution of system commands - where an unauthorized user can delete, copy or move files, or change/modify data in the files contained in the database of the Internet vendor sites.
Discuss how operating system software flaws may compromise a security policy
Modern operating system software is highly complex and is thus sure to contain both known and unknown weaknesses and flaws. The flaws can occur at the design level in the form of either oversights or compromises in the design, or they may occur at the implementation level as a consequence of software bugs and programming errors. Flaws in system programs potentially provide ‘holes’ in a system for hackers to exploit. Common attacks include denial of service (flooding a system/disrupting a connection) and buffer overflows (Ping of Death/excess flood memory).
Discuss how network server software flaws may compromise system security
Security on the server side is important because data is vulnerable, the server is potentially the weak link, and the server provides access to other systems. Any software flaw that can be exploited makes the system vulnerable to attacks such as system configuration, software holes, malicious execution of system commands, and denial of service.
A denial of service floods the network, thereby preventing legitimate network traffic, and can disrupt connections between two machines, thus preventing access to a service.
Discuss how web server software flaws may compromise system security
- Securely configure the web server so that the super user’s default set of permissions for files is changed to meet the security policy of the organization. Otherwise, access privileges may enable hackers to manipulate the web server configuration.
- The web server should be configured to prevent privilege escalation. Privilege escalation occurs when an untrusted and unauthorized user is able to obtain higher privilege in accessing, creating or deleting files.
- A few options should be disabled, e.g., automatic directory listing and symbolic links.
Discuss three ways in which the incautious use of CGI scripts could compromise the security policy of an e-commerce system.
Explain what is meant by “privilege escalation” and outline how it might occur.
Privilege escalation is one of the most serious errors in configuring a web server. Only limited privilege levels should be allowed, according to the principle of least privilege. If everyday users have too high a level of privilege, they may be able to plant and execute software on workstations that has negative consequences for security. Running certain cracking tools requires administrative-level privileges. These tools (such as Netcat, a port listener) can threaten the security of servers within a given local network, and sometimes within an entire wide area network (WAN). Similarly, privilege escalation can result in subversion of systems and/or denial of service. Users have also been known to plant Trojan horses that execute when an administrator logs onto the workstation, thereby elevating the privileges of the user.
Discuss two ways in which access control might be implemented on a web server host.
Client host name and IP address authentication - authorized hosts are stored in an Access Control List (ACL) and can be checked for authentication.
User name and password - again the ACL is used to verify that the access is authorized.
Digital certificate – Digital equivalent of certificate that can be used to establish credentials when doing business or other transactions on the Web. It contains certificate holder’s name, a serial number, expiration dates, a copy of the certificate holder’s public key (used for encrypting messages and digital signatures), and the digital signature of the certificate-issuing authority so that a recipient can verify that the certificate is real.
How can a web server enforce client authentication requirements?
A web server can enforce client authentication requirements by using a firewall and digital certificates that use SSL (Secure Sockets Layer) technology.
List two design goals for a firewall
Firewalls are based on the following design goals:
- All traffic in both directions must pass through the firewall
- Only authorized traffic, defined by local security policies, will be allowed to pass