Friday, March 31, 2006

Buffer Overflow

See this

http://www.insecure.org/stf/smashstack.txt

...Njoy !

Introduction to Web Services Security

Although the basic standards for web services are of great use for a lot of different scenarios, they do lack some features that are required in most real world applications, e.g. standard ways for handling security and authentication. These features are currently under development in various standardization initiatives, and some have just surfaced as standards. One of them is WS-Security, which is an OASIS standard.

Formerly, web service authentication was something you had to implement yourself in your application.

Furthermore, if your web service exchanged confidential data over the wire, you needed to apply transport-based security to guarantee the confidentiality of the communication.

Earlier SOAP implementations mainly used HTTP as the transport protocol, so the assumption was made that security could also be based on HTTP, and thus web services could be secured using SSL/TLS and Basic Authentication.

Consequently, SOAP itself does not contain any security elements, but instead leaves this to be handled by a combination of transport security and custom authentication implementations.

Nowadays SOAP implementations increasingly use transports other than HTTP, so applying security to the messages themselves has become very important.

Also, SOAs are designed as a number of interconnected nodes / applications that sometimes communicate through intermediary systems, which makes point-to-point security mechanisms such as SSL/TLS inadequate: the transport protects only one hop, while message-level security such as WS-Security travels with the message end to end.
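To show what "security in the message rather than the transport" looks like, here is an added example (not from the original post) of the WS-Security UsernameToken Profile 1.0 digest scheme: the sender puts Base64(SHA-1(nonce + created + password)) in a wsse:Security header, and the receiver recomputes it from the stored password and rejects nonce replays, regardless of which transport carried the envelope. The user name, password and nonce are constructed sample values; a production receiver would also check that wsu:Created is recent.

```python
import base64
import hashlib
import hmac
import xml.etree.ElementTree as ET

# Namespaces from the OASIS WS-Security 1.0 core and UsernameToken Profile 1.0.
SOAP = "http://schemas.xmlsoap.org/soap/envelope/"
WSSE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
WSU = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
DIGEST = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest"


def password_digest(nonce: bytes, created: str, password: str) -> str:
    """UsernameToken Profile 1.0: Base64(SHA-1(nonce + created + password))."""
    raw = nonce + created.encode("utf-8") + password.encode("utf-8")
    return base64.b64encode(hashlib.sha1(raw).digest()).decode("ascii")


def build_envelope(username: str, password: str, nonce: bytes, created: str, body: str) -> str:
    """Sender side: only the digest goes on the wire, never the password (inputs assumed XML-safe)."""
    return (
        f'<soap:Envelope xmlns:soap="{SOAP}"><soap:Header>'
        f'<wsse:Security xmlns:wsse="{WSSE}" xmlns:wsu="{WSU}"><wsse:UsernameToken>'
        f'<wsse:Username>{username}</wsse:Username>'
        f'<wsse:Password Type="{DIGEST}">{password_digest(nonce, created, password)}</wsse:Password>'
        f'<wsse:Nonce>{base64.b64encode(nonce).decode("ascii")}</wsse:Nonce>'
        f'<wsu:Created>{created}</wsu:Created>'
        f'</wsse:UsernameToken></wsse:Security></soap:Header>'
        f'<soap:Body>{body}</soap:Body></soap:Envelope>'
    )


def verify_username_token(envelope: str, passwords: dict, seen_nonces: set) -> bool:
    """Receiver side: accept only PasswordDigest tokens, recompute the digest, refuse replayed nonces."""
    ns = {"wsse": WSSE, "wsu": WSU}
    token = ET.fromstring(envelope).find(".//wsse:UsernameToken", ns)
    if token is None:
        return False
    user = token.findtext("wsse:Username", namespaces=ns)
    pw = token.find("wsse:Password", ns)
    nonce_b64 = token.findtext("wsse:Nonce", namespaces=ns)
    created = token.findtext("wsu:Created", namespaces=ns)
    if pw is None or pw.get("Type") != DIGEST or None in (user, nonce_b64, created):
        return False  # clear-text or malformed token: not accepted
    if nonce_b64 in seen_nonces or user not in passwords:
        return False  # replay of an earlier message, or unknown user
    expected = password_digest(base64.b64decode(nonce_b64), created, passwords[user])
    if not hmac.compare_digest(expected, pw.text or ""):
        return False
    seen_nonces.add(nonce_b64)
    return True
```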

Tuesday, March 21, 2006

The STRIDE Model

Many security evangelists use the STRIDE model for threat modeling an application. Each letter names one class of threat:

Spoofing user identity - Spoofing threats are usually associated with a wily hacker being able to impersonate a valid system user or resource to get access to the system and thereby compromise system security.

Tampering with data - Tampering with data involves the malicious modification of system or user data, with or without detection.

Repudiation - Repudiation threats are associated with users—malicious or otherwise—who can deny performing an action without administrators having any way to prove otherwise. An example of a repudiation threat is a user performing an illegal operation in a system that lacks the ability to trace such operations.

Information disclosure - Information disclosure threats involve the compromising of private or business-critical information through the exposure of that information to individuals who are not supposed to see it.

Denial of service - Denial of service (DoS) threats, when carried out, deny service to valid users—for example, by making the system temporarily unavailable or unusable, or by forcing a reboot or restart of the user's machine.

Elevation of privilege - In this type of threat, an unprivileged user gains privileged access and thereby has sufficient access to compromise or destroy the entire system.

Thursday, March 09, 2006

What is a Comprehensive Assessment?

A comprehensive assessment is a systematic assessment performed on the application code.

Security Comprehensive Assessment – This is a line-by-line assessment of the application code to ensure there are no security vulnerabilities, such as clear-text passwords and SQL injection problems. NOTE: if we do not have access to the source code of a 3rd-party application, black-box testing will be conducted instead.

Privacy Comprehensive Assessment – This is an assessment of the application code to ensure there are no privacy violations, such as using the incorrect privacy statement or legal notice, or not applying data input validation rules (e.g., zip codes should only contain numeric values).