
Imagine that a systems administrator for a midsized company has recently noticed


Question

Imagine that a systems administrator for a midsized company has recently noticed numerous odd characters in the log servers. Specifically, http “GET” and “POST” log entries within their externally facing IIS version 5 Web server. Discuss the use of the “GET” and “POST” commands and decide whether or not there are concerns with their presence on the externally facing web server. Next, provide your analysis of the most damaging attack (i.e. XSS, SQL Injection, CSS, and Race conditions) against Internet Information Services (IIS). Support your rationale.

Explanation / Answer

==========================================================

---------------
GET Command:
---------------

   The GET command requests data from a specified resource.
  
   ---------------------
   GET command usage
   ---------------------

   01. GET requests can be cached
   02. GET requests remain in the browser history
   03. GET requests can be bookmarked
   04. GET requests should never be used when dealing with sensitive data
   05. GET requests have length restrictions
   06. GET requests should be used only to retrieve data
---------------
POST Command:
---------------

   The POST command submits data to be processed to a specified resource.

   ---------------------
   POST command usage
   ---------------------

   01. POST requests are never cached
   02. POST requests do not remain in the browser history
   03. POST requests cannot be bookmarked
   04. POST requests have no restrictions on data length


----------------------------
Concerns with GET command
----------------------------

   Since all the data travels through the URL, the data is seen by all the people who are accessing the network.
Hence it is very dangerous to use the GET command, especially for passwords.

----------------------------
Concerns with POST command
----------------------------

   Though the POST command offers security, there are many attacks which can be performed using the POST command, such as SQL injection and cross-site scripting.

----------------------
SQL injection
----------------------

   SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker).

----------------------
SQL injection overcome technique
----------------------

   01. Always use prepared statements.
   02. Make passwords encrypted in the database.

----------------------
XSS Cross Site Scripting
----------------------

   Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted web sites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user.
  
----------------------
XSS overcome technique
----------------------

   01. Refine the data before you process it.
   02. Use security jars to scan the input data.
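
Added example (not part of the original answer): a small triage script for the scenario in the question, showing that GET parameters land in the web server log where odd characters can be decoded and classified, while POST bodies are not recorded there. The log lines are constructed samples in the W3C extended format that IIS writes; the rule names and the `triage` function are assumptions made for this illustration.

```python
import re
from urllib.parse import unquote_plus

# Constructed sample in W3C extended log format (not from a real server).
SAMPLE_LOG = """\
#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
2024-01-10 08:00:01 203.0.113.5 GET /catalog.asp id=42 200
2024-01-10 08:00:07 203.0.113.9 GET /catalog.asp id=42'%20OR%20'1'='1 500
2024-01-10 08:00:12 203.0.113.9 GET /search.asp q=%3Cscript%3Ealert(1)%3C/script%3E 200
2024-01-10 08:00:20 203.0.113.7 POST /login.asp - 302
"""

# Hypothetical triage rules: characters that rarely belong in a query string.
RULES = {
    "sql-metacharacters": re.compile(r"['\";]|--"),
    "markup": re.compile(r"[<>]"),
    "control-bytes": re.compile(r"[\x00-\x08\x0b-\x1f\x7f]"),
}

def triage(log_text):
    """Return (findings, blind_posts) for a W3C extended log."""
    fields, findings, blind_posts = [], [], 0
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]          # column names for later rows
            continue
        if not line or line.startswith("#"):
            continue
        entry = dict(zip(fields, line.split()))
        query = entry.get("cs-uri-query", "-")
        if entry.get("cs-method") == "POST" and query == "-":
            blind_posts += 1                   # body is not in this log
            continue
        decoded = unquote_plus(query)          # undo %xx and '+' encoding
        hits = [name for name, rx in RULES.items() if rx.search(decoded)]
        if hits:
            findings.append((entry["c-ip"], entry["cs-uri-stem"], decoded, hits))
    return findings, blind_posts

if __name__ == "__main__":
    found, blind = triage(SAMPLE_LOG)
    for ip, stem, query, hits in found:
        print(f"{ip} {stem} {query!r} -> {', '.join(hits)}")
    print(f"POST requests with no visible parameters: {blind}")
```

Flagged entries are leads for review, not proof of compromise; POST traffic needs a different data source, such as application-level logging, because the request body never reaches this log.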