Web Security

Web Security {7}

by Andrew H
I read an article this week by Sarah Perez called, “ArmorHub’s Web Security Service Scans For Vulernabilities and Malware, Works Great For Startups As Well As Your Dad.” The article talks about ArmorHub launched a web security service November 15th, mainly for small to mid size businesses and most importantly what she calls the “layperson” which she says is somebody who knows security is important but doesn’t know how to protect or monitor their site. The company was started by the founder of eTacts which sold to salesforce.com and Kendall Dabaghi and their inspiration came from their years of building applications but always wondering in the back of their mind if they have security issues. They decided that they wanted to create a service that everyone can use to check their website for security issues that could be cause by malware, SQL injections and cross-site scripting. Their service is free to use and uses the proactive instead of reactive approach in that they can scan your site and databases as well and tell you if there are an security vulnerabilities in them. If there are you can then fix them yourself if you know how or they can fix them for you at a fee determined between you and the company. read more...

FBI Warns About The Vanishing of The Web in July {Comments Off on FBI Warns About The Vanishing of The Web in July}

by Toan T
This article talks about how the FBI is warning that hundreds of thousands of people could lose their internet connections when July comes around. This is all due to a malware known as DNSChanger. How DNSChanger works is that when you enter a Web address into the browser, the computer contacts the DNS servers to find the IP address of the site you are trying to reach. DNSChanger fiddles around with infected machine;s settings and direct it to rouge servers by a crime ring (servers that hand out addresses to whatever site the ring chooses). People behind DNSChanger have profited millions in commission from all the hijacked computer clicks and internet ads for the machines they hijacked. Last year, FBI disrupted the ring and seized the rouge servers but was not able to shut them down due to the fact that so many machines were infected. As an alternative method, they were instead converted to legitimate DNS servers. However, running these servers costs the government money so they’re are going to be switched off in July. Those with infected machines will no longer be able to access the Web at all. DNSChanger Working Group has created a website to diagnose any machine and if necessary remove DNSChanger if it is infected. This needs to be done before July 8 since the servers are going to go down the following day. read more...

HTML Elements Used to Detect Dangerous Web Pages {2}

by Antonio M
This article was very interesting and fascinating to follow. It talked about a proposed
algorithm that would be used to detect malicious and hazardous web pages. This particular
algorithm uses the strings that appear in HTML elements rather then using an older
algorithm that actual checks the text parts within a web page to see if it is considered
a hazardous web page. According to the authors it can be a harder using a text based
algorithm to check for hazardous web pages because some web pages may not contain as
much text to evaluate.  There may also be some malicious links of pictures, pop-ups or other things that
aren’t exactly written on a web page. With out going into to much detail this HTML algorithm will look at the
HTML code within a webpage and it will then extract HTML elements(<body>,<p>,etc). Once these
HTML elements have been extracted they will then be parsed through into strings “with the
separating characters \t , . / ! ” = % & { } [ ] _” and so on, which can then help determine
which string is considered to be malicious and hazardous to a webpage. Once these strings have
been extracted there will then be the use of what the authors call a “Support Vector Machine” (SVM).
The SVM will then be trained to remember what the malicious HTML looked because it is the SVM
that is actually looking at the web page and determining whether it is a hazardous site or not. read more...

New Way of Thinking {Comments Off on New Way of Thinking}

by Monica G
With computer hacking on the rise, it’s no wonder people are looking at other ways to avoid these inconveniences. The author explains this new way of approaching password guessing attacks from unauthorized users; it is called PGRP (Password Guessing Resistance Protocol). With past ways, the ATT-based login protocols allowed for very few user free attempts without requiring more information and others fell on the other side of the spectrum where user convenience was all and ATTs where low but required other fields. Fortunately there is some type of middle ground, PGRP which allows the user to have a lot of password attempts without pestering with ATTs but it sometimes only works for users trying to enter from the same device. Because many times that is the problem, invaders will come from random places when the attacks occur, and when this does occur, PGRP usually only allows the user one attempt at most. read more...

More Internet Security Woes… {Comments Off on More Internet Security Woes…}

by Calvin M
*Note: I noticed one of my fellow classmates also read the same article, so I am writing about the part he didn’t discuss about to avoid any plagiarism confusions.

Juliano Rizzo and Thai Duong are security researchers that have built a tool that can retrieve authentication tokens and cookies from websites HTTPS request that can be used to get peoples personal information and private, server-side information from the websites. Last year, these two researchers were able to figure how some people were able to attack ASP.NET web applications that was also able to retrieve people’s personal information and other data. This vulnerability is apparently present in about 25% of web applications using ASP.NET. Because of this vulnerability, Microsoft had to release an emergency patch which fixed this vulnerability in the web applications. read more...

SQL Attack on the Internet {Comments Off on SQL Attack on the Internet}

by Tuyen H

Since the Internet has been developed, the WEB becomes popular in every day of human lives. People use the Internet for working, study, entertainment, shopping, and business transaction. The database becomes a part of the Internet especially for interactive websites. Unfortunately, the Internet computer viruses and computer attacks also has been increased. In the article “A database protection system aiming at SQL attack” the authors mention about the most popular virus is SQL attack. Hackers use Structured Query Language (SQL) attack the database of the website to alter, update, or delete the data. Because SQL language is very mature, so it easy to attack all platforms such as Windows, Apple, Unix or Linux. Therefore, preventing SQL attack is very important. Today, we use the Intrusion Detection System (IDS) to prevent the SQL attack; however, this method slows down the system. The authors introduce a new technique which takes place between the web server and the database server instead of the web application server and Internet. According to the author, this method “provides further defense, with a lower rate of false positives and false negatives.” Finally, this database protection controls the data crossing through the web server and the database, so it does not affect to the web performing. read more...

Where Security Ranks {2}

by Joeydes M
Summary:

This article is talking mainly about the potential risks that you face while using the web. It goes into detail about how the Web 2.0 initiative is bring about many opportunities to connect with people and business globally and on a grand scale. The channels of communication and services that are readily available for us are because of the web, and though it enables us to be more efficient it also leaves us vulnerable as well. Things like intellectual property, identity, and financial information. It goes on further about the security of enterprise level data, and how company’s must make this a priority. It discusses measures beyond just authentication, such as permissions and access levels and audit trails to keep track of what people are doing once they are logged in. It ends the discussion with the commitment factor, that security is an ongoing, constantly developing process and is not just a “set and forget” process. There needs to be constant attention to detail and follow up. read more...