Protect XML Web services from hackers [Part I]

Matt Powell
Microsoft Corporation
September 5, 2001
Introduction
While talking with developers about the future of XML Web services, we learned that one of their biggest concerns was that weaknesses in the software might leave a service vulnerable to malicious users. This is both bad news and good news. It is bad news because attacks can result in limited service availability, leaks of private data and, worse, control of the computer passing into the hands of those malicious users. It is good news because there are real protections you can put in place to reduce the risk of these attacks. We will describe the kinds of attacks that have occurred and how you can protect your work in the areas of deployment, design, and development. This first column focuses on the issues to consider during deployment; the next column covers the design and development issues to watch for when building XML Web services.
Types of attack
To find out where the risks lie and how to avoid them, the first step is to understand the kinds of attack a service might suffer. Once you understand the types of problems you may encounter, you can take appropriate steps to mitigate the risks associated with them.
Attacks can usually be grouped into three broad categories:
Spoofing
Exploiting bugs
Denial of service
Spoofing
On a system that requires authentication, one of the most common hacker attacks is to figure out a user's credentials, log in as that user, and then access that user's information. This is bad enough, but the risk is greater if the compromised credentials belong to a system administrator or someone else with elevated privileges, because the attack may then expose not just one user's data but the data of every user.
Hackers may use several methods to determine a user's password. They may try words that mean something to the user, such as the user's name, a pet's name, or a birthday; more persistent hackers will try every word in a dictionary (a dictionary attack). Other ways of obtaining credentials include capturing network packets and reading the information being sent; using DNS spoofing to insert a malicious computer as an intermediary between the client and the server; posing as a system administrator and asking the user for his or her credentials on the pretext of troubleshooting; or recording a logon handshake with the server and then replaying it in an attempt to authenticate.
You can mitigate most of the risk posed by spoofing by enforcing stronger passwords and using secure authentication mechanisms.
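To make that mitigation concrete, here is an added example in Python (not part of the original column and not Microsoft code). It shows the two measures the paragraph names: a password check that rejects the guessable choices listed above (the user's name, pet, birthday, or a dictionary word), and a nonce-based challenge-response logon in which the password never crosses the wire, so a captured packet reveals no credential and a recorded handshake cannot be replayed. The Server class, the WEAK_WORDS list, the PBKDF2 iteration count and the sample user are all constructed for the example.

```python
import hashlib
import hmac
import os
import secrets

# Constructed stand-in for a real wordlist (assumption: a deployment would load
# a full dictionary); used to reject passwords a dictionary attack would find.
WEAK_WORDS = {"password", "letmein", "welcome", "fluffy", "alice", "19851204"}

PBKDF2_ITERATIONS = 50_000  # constructed value; tune for the server's hardware


def password_is_acceptable(password, user_name, pet_name="", birthday=""):
    """Reject short passwords, dictionary words, and anything built from
    facts about the user (name, pet, birthday) that a hacker would try first."""
    pw = password.lower()
    if len(password) < 12:
        return False
    for hint in (user_name, pet_name, birthday):
        if hint and hint.lower() in pw:
            return False
    return pw not in WEAK_WORDS


def derive_key(password, salt):
    """Slow, salted derivation so a stolen verifier is costly to brute-force."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)


class Server:
    """Challenge-response authenticator: the client proves knowledge of the
    password by keying an HMAC over a fresh server nonce."""

    def __init__(self):
        self.users = {}        # user -> (salt, derived key); the password itself is not stored
        self.outstanding = {}  # nonce -> user; a nonce is consumed on first use

    def register(self, user, password):
        salt = os.urandom(16)
        self.users[user] = (salt, derive_key(password, salt))

    def challenge(self, user):
        """Step 1: send the user's salt and a single-use random nonce."""
        nonce = secrets.token_bytes(16)
        self.outstanding[nonce] = user
        return self.users[user][0], nonce

    def verify(self, user, nonce, response):
        """Step 2: accept only a correct response to an unconsumed nonce.
        A replayed (nonce, response) pair fails because pop() already removed it."""
        if self.outstanding.pop(nonce, None) != user:
            return False
        _salt, key = self.users[user]
        expected = hmac.new(key, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)


def client_respond(password, salt, nonce):
    """Client side: only salt, nonce and this HMAC ever travel over the network."""
    key = derive_key(password, salt)
    return hmac.new(key, nonce, hashlib.sha256).digest()


def demo():
    """Walk through a legitimate logon, a replayed handshake, and a guessed
    password; returns the outcome of each so the behaviour can be checked."""
    server = Server()
    server.register("alice", "correct horse battery staple")

    # Legitimate logon.
    salt, nonce = server.challenge("alice")
    response = client_respond("correct horse battery staple", salt, nonce)
    login_ok = server.verify("alice", nonce, response)

    # An eavesdropper who recorded (nonce, response) replays it unchanged.
    replay_ok = server.verify("alice", nonce, response)

    # A fresh challenge answered with a dictionary guess.
    salt, nonce2 = server.challenge("alice")
    guessed = client_respond("fluffy", salt, nonce2)
    wrong_password_ok = server.verify("alice", nonce2, guessed)

    return {"login_ok": login_ok, "replay_ok": replay_ok,
            "wrong_password_ok": wrong_password_ok}


if __name__ == "__main__":
    print(demo())  # {'login_ok': True, 'replay_ok': False, 'wrong_password_ok': False}
```

This scheme addresses packet capture and handshake replay, the two network-level methods the paragraph lists, but not a malicious intermediary inserted by DNS spoofing: the client here never authenticates the server, so an intermediary can still relay the exchange. Closing that gap requires the client to verify the server's identity as well, which in practice means running the exchange over a server-authenticated transport such as SSL/TLS.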
Exploiting bugs
One of the key factors determining a system's vulnerability is the quality of the code running on it. The consequences of bugs are not limited to a particular thread behaving unexpectedly. Hackers can exploit these flaws to execute their own code on the system, to access resources with higher privileges, or to abuse resource-handling bugs that can slow the system down or make it unavailable. One of the best-known examples of this kind of attack is the Code Red worm, which exploited a bug in the Index Server ISAPI extension to execute code of its choosing on the infected system and then went on to look for other vulnerable computers.
