Table of Contents
In present day computing world, new and unique security threats emerge on a daily basis. To be on the safe side, one must be in a position to identify potential and major threats. One also needs to understand how to go about countering them. This part of this paper will focus on the two common beguiling and harmful threats to software security, which continue to reoccur in the daily security threats report. This will cover Cross-site scripting attacks and denial of service attacks.
Cross-site scripting attack (XSS)
This is one of the application software security threats, which in the actual fact is an exploit in that, the attacker introduces malicious coding into the link, that appears to the eyes of a normal user as a link that points to a trustworthy source. On clicking on the link to open the webpage, the embedded program code is submitted and gets into the network as a part of the clients web request. The code further continues to execute on the user’s computer (Mellon, 2010). Once executed, the attacker can easily access resources from the user’s computer and can steal data, information and even access the software.
Web sites that are attacked in this way continuously returns an error message which in it includes the user input data. This makes it possible for the attacker on the other end to alter the HTML that is in charge of the behavior of the form and the page as well. Attackers manage to achieve this privilege in a number of ways. In one of the possible ways, the attacker inserts code into the link in a spam message in form of a forum message. Using the email spoofing, the attacker pretends to be a trusted source.
Like other form of application attacks and web exploits like the SQL injection, this kind of security threat referred to as the cross site scripting is believed to have been caused by the presence of insecure application programs that form loop holes through which the attackers code find the way into the users systems. These weak applications fail to validate user input information, and also fail to ensure that the generated pages are properly encoded before they are release into the wider networks (cgisecurity.com, 2010). This is facilitated through web server applications that generate pages dynamically, making the system vulnerable to cross site scripting exploit. This cross site scripting vulnerability is also referred to as an XSS hole (apache.com, 2006).
To ensure that there is adequate protection against cross-site scripting, it is advisable to ensure that web applications include appropriate security mechanisms. Servers should also validate input to ensure that the received data or information is validated before processing.
Cross site scripting mainly affects across web software developers. The exploit itself poses a potential threat that breaches the confidence and the relationship between web users and the unrelated third party sites. Malicious website operators use the loopholes in weak applications to release executable arbitrary scripting codes on the end user’s systm.
Supposing that Mal for example, is the originator of................ and has decided to take advantage of vulnerability to attack users from Acme Widgets, With Mal fully aware of how Acme operates in the website that hosts the feedback forms at ........ In the normal operation, the form processes user feedback and sends the confirmation page, thanking the user for submitting the data .
It also displays the data that was entered on the initial page submitted by the user. Mal is also aware that application users with Acme have the........... site as one of their listed entrusted web sites. The untrusted web site ...... can implement an attack by placing a hyperlink on this trusted site, labeled “Win Win Win”” click here to claim your price”-or whatever. By coding this link to submit data ti the web page that gives input from the web site, into their feedback field. This is a good example of cross site scripting attack.
Cross site scripting (XSS) also involves echoing attack technique. This involves supplying echo attack code into user’s browser instance. A browser instance can be termed as a browser object incorporated in software such as the browsers with WinAmp, an email client or a java flash. The code itself is written in java script or the usual Html. The code might also be extended to java, VBScript, flash or any other relevant and supported technology development.
With the attacker in action, the user browser is made to execute the attacker’s code. The code runs within the security zone or context of the hosting website. With the accorded level of privileges, the attacker’s code can execute any accessible data via the browser through reading, modifying, or transmitting.
There exist three main types of cross site scripting attacks: non persistent, DOM-based and persistent attacks. The non-persistent and the DOM-based attack require the user to visit a specifically woven link with the malicious code attached on it. The attacks also take place when the user visits a malicious web page containing the attack codes. Persistent attack occurs when the malicious attacker code is submitted to a web page where it is temporarily stored. Attacker’s code favorite targets include web mail messages, web chat soft wares, and also the message board posts.
Denial of Service Attacks (DOS)
A denial of service attack (Dos) can be defined as an incident whereby a user or an organization is deprived or denied some or all services of its resource, which the normally enjoy the privilege to have. When a number of compromised systems referred to as the botnet attack a single target, the attack is referred to as a distributed denial of service.
This kind of attack is not usually associated with security loss or information theft. However, it can cost the company or the target person a lot in terms of money and time. Loss of service is evident in this attack whereby, a particular network service like email becomes unavailable or there is a temporarily loss of network service or lloss of network connectivity. A denial of service attack can also destroy the program software and files in an affected computer system. In some cases, a DOS can limit or deny web services access by a very big population or region, thereby forcing them to cease operation. The most common forms of DOS attacks include buffer overflow attacks, SYN attack, tear drop attack, Smurf Attack, and the physical address attacks.
Benefit from Our Service: Save 25% Along with the first order offer - 15% discount, you save extra 10% since we provide 300 words/page instead of 275 words/page
Buffer overflow attacks
In this kind of denial of service attack, more traffic that the anticipated by the programmers, is sent into a network. The attack may pose the attack as a trial attempt or may be aware of the weaknesses of the network. Several buffer characteristics based DOS attacks include; sending an email with attachments that have 256 character file names to the Netscape- and Microsoft mail programs-, sending oversized ICMP () internet control message protocol packets (W3C). This is also referred to as PING (packet internet or inter-network Groper of death). This may also include sending messages with a “from” address that is larger than 256 characters.
This usually happens when an attacker sends a number of rapid connection requests and fails to respond to their corresponding reply. In this scenario the first packet is left in the buffer and denies other legitimate connections the appropriate accommodation. In most cases, the packet in the buffer is dropped after a reply is not received in a considerable amount of time. However many of these bogus connections may make it difficult and impossible at some points, for the legitimate session requests to get established. This problem depends on the operating system in place. Some operating systems provide the appropriate settings and allow s the network administrator to adjust the size of the buffer and time out periods. This reduces chances of buffer misuse thereby reducing chances of such an attack.
This kind of DOS attack happens when the attackers IP address introduces a confusing offset value in the second or higher fragments. If the receiving system has no capability of dealing with this kind of attack situation, the system can even crash.
In this kind of DOS attack, the attacker sends an IP ping-also known as the echo my message back to me-request to the receiving end. The ping packet is broadcasted to a number of hosts within the receiving end network. Through spoofing, or sending a packet with another person’s return address, this results to too many ping replies which floods back to the spoofed host. If this flood exceeds limit, the spoofed host fails to receive or distinguish real traffic from the unreal.
Computer viruses which replicate across a network can lead to a denial of service scenario. In this case the victim is not specifically targeted, but it’s a game of luck. Some of the viruses cause a denial of service that is hard to notice. This can lead to very disastrous scenarios.
Related Technology essays
- Windows 7 vs Vista
- Impact of National Culture on E-commerce
- Technology and Its Effects on Communication
- My Favorite Mechanically Engineered Device
- Health Information Technology
- The Website
- Acceptable Use Policy
- Wireless Networks
- Improvement in Information Retrieval Techniques
- The Technology of World