Web Security Threats


Transcript of Web Security Threats

8/13/2019 Web Security Threats (1/83)

Web Application Security Threats and Counter Measures

Sang Shin, [email protected]
www.javapassion.com
Java Technology Evangelist, Sun Microsystems, Inc.

Today's presentation is available from http://www.javapassion.com
Demo is available from http://www.javapassion.com/handsonlabs/ (4010webappsecurity.zip)

Agenda
How real is the Web application threat?
10 most common Web application threats and counter measures
Security principles
Tools

92% of Web Apps Have Vulnerabilities
Cross-site scripting (80 percent)
SQL injection (62 percent)
Parameter tampering (60 percent)
Cookie poisoning (37 percent)
Database server (33 percent)
Web server (23 percent)
Buffer overflow (19 percent)

OWASP Top 10 Web Security Threats
1. Unvalidated input
2. Broken access control
3. Broken authentication
4. Cross-site scripting (XSS)
5. Buffer overflows
6. Injection flaws
7. Improper error handling
8. Insecure storage
9. Application denial-of-service
10. Insecure configuration management
Source: www.owasp.org

A1: Unvalidated Input: Mother of All Web-tier Security Threats

A1: Unvalidated Input (Description)
An attacker can easily tamper with any part of the HTTP request before submitting it:
- URL
- Cookies
- Headers
Common names for common input tampering attacks: forced browsing, command insertion, cross site scripting, buffer overflows, format string attacks, SQL injection, cookie poisoning, and hidden field manipulation. All of them start from the same root cause: the application trusts a value that the client controls.

A1: Unvalidated Input (Solutions)
Do rigorous input data validation
- All parameters should be validated before use
Do server-side validation
- Client-side validation can easily be bypassed by the attacker (a proxy or a hand-built request never runs the page's JavaScript)
- Client-side validation is to be used mainly for quick user responsiveness
Do canonicalization of input data
- The process of simplifying the encoding: decode URL, Unicode and other encodings into one canonical form before validating, so that an encoded "<" or "../" cannot slip past the check

A1: Unvalidated Input (Solutions)
Use centralized code for input validation
- Scattered code is hard to maintain
Each parameter should be checked against a strict format that specifies exactly what input will be allowed
- This is called "positive" input validation
- "Negative" approaches that involve filtering out certain bad input, or approaches that rely on signatures, are not likely to be effective and may be difficult to maintain

A1: Unvalidated Input (Solutions)
Validation criteria
- Data type (string, integer, real, etc.)
- Allowed character set
- Minimum and maximum length
- Whether null is allowed
- Whether the parameter is required or not
- Whether duplicates are allowed
- Numeric range
- Specific legal values (enumeration)
- Specific patterns (regular expressions)
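The validation criteria above turned into a central, positive specification, as an added example in Python (the deck's own code is Java servlet code; this block is not from the presentation). The parameter names, the rules in ORDER_FORM and the two sample requests are constructed for illustration; the point is that every check states what is accepted and anything else, including parameters the form never defined, fails closed.

```python
"""Positive ("whitelist") parameter validation built from the slide's criteria.

Added example, not code from the original presentation. Parameter names
(customerId, sku, quantity, shipMethod) and the sample requests are constructed.
"""
import re
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    """One parameter's strict specification: exactly what is allowed, nothing else."""
    type_: type = str                  # data type (str or int)
    required: bool = True              # whether the parameter must be present
    min_len: int = 1                   # minimum length (strings)
    max_len: int = 64                  # maximum length (strings)
    charset: Optional[str] = None      # allowed characters, as a regex character class
    pattern: Optional[str] = None      # full-match regular expression
    enum: Optional[frozenset] = None   # specific legal values
    min_val: Optional[int] = None      # numeric range (ints)
    max_val: Optional[int] = None


def validate(rule: Rule, raw: Optional[str]):
    """Return the canonical typed value, or raise ValueError.

    Every check is a positive statement of what is accepted; anything not
    covered is rejected, so an unanticipated payload fails closed.
    """
    if raw is None:
        if rule.required:
            raise ValueError("missing required parameter")
        return None
    # Canonicalise before checking: strip surrounding whitespace so that the
    # length and pattern checks see the same text the application will use.
    raw = raw.strip()
    if rule.type_ is int:
        if not re.fullmatch(r"-?[0-9]{1,12}", raw):
            raise ValueError("not an integer")
        value = int(raw)
        if rule.min_val is not None and value < rule.min_val:
            raise ValueError("below minimum")
        if rule.max_val is not None and value > rule.max_val:
            raise ValueError("above maximum")
        return value
    if not (rule.min_len <= len(raw) <= rule.max_len):
        raise ValueError("bad length")
    if rule.charset and not re.fullmatch(f"[{rule.charset}]+", raw):
        raise ValueError("illegal character")
    if rule.pattern and not re.fullmatch(rule.pattern, raw):
        raise ValueError("does not match pattern")
    if rule.enum is not None and raw not in rule.enum:
        raise ValueError("not a legal value")
    return raw


# Central specification for one form, so there is one place to maintain it.
ORDER_FORM = {
    "customerId": Rule(charset="0-9", min_len=1, max_len=10),
    "sku":        Rule(pattern=r"[A-Z]{3}-[0-9]{4}"),
    "quantity":   Rule(type_=int, min_val=1, max_val=100),
    "shipMethod": Rule(enum=frozenset({"ground", "air"}), required=False),
}


def validate_request(spec, params):
    """Validate every parameter of a request against the spec.

    Returns (clean_values, errors); a request with any error must be rejected.
    Parameters that are not in the spec are themselves an error: positive
    validation means unknown input is not silently accepted.
    """
    clean, errors = {}, {}
    for name in set(spec) | set(params):
        rule = spec.get(name)
        if rule is None:
            errors[name] = "unexpected parameter"
            continue
        try:
            clean[name] = validate(rule, params.get(name))
        except ValueError as exc:
            errors[name] = str(exc)
    return clean, errors


if __name__ == "__main__":
    # Constructed requests: one honest, one carrying classic tampering payloads.
    good = {"customerId": "1042", "sku": "ABC-0007", "quantity": "2"}
    bad = {"customerId": "1042' OR 1=1 --", "sku": "<script>alert(1)</script>",
           "quantity": "-5", "price": "1"}
    print(validate_request(ORDER_FORM, good))
    print(validate_request(ORDER_FORM, bad))
```

Note that the "price" parameter from the next slide's example is rejected simply because the form specification does not list it; a price the client supplies is not data the server should ever read.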

What's Wrong With This Picture?

A1: Unvalidated Input (Example)

    public void doPost(HttpServletRequest req, HttpServletResponse res) {
        String customerId = req.getParameter("customerId");
        String sku = req.getParameter("sku");
        String stringPrice = req.getParameter("price");
        Integer price = Integer.valueOf(stringPrice);
        // Store in the database without input validation.
        // What happens if a hacker provides his own
        // price as the value of the "price" form field?
        orderManager.submitOrder(sku, customerId, price);
    } // end doPost

The price is read straight from a form field the client controls, so the client decides what it pays; there is no check at all on customerId or sku either.

A1: Unvalidated Input (Corrected)

    public void doPost(HttpServletRequest req, HttpServletResponse res) {
        // Get customer data
        String customerId = req.getParameter("customerId");
        String sku = req.getParameter("sku");
        // Get price from database: the client never supplies it
        Integer price = skuManager.getPrice(sku);
        // Store in the database
        orderManager.submitOrder(sku, customerId, price);
    } // end doPost

The price now comes from the server's own data. The sku should still be validated against the allowed format, and customerId must be checked against the logged-in user's session rather than taken from the request (see A2: Broken Access Control).

A1: Unvalidated Input (Tools)
OWASP's WebScarab
- By submitting unexpected values in HTTP requests and viewing the web application's responses, you can identify places where tainted parameters are used
Stinger HTTP request validation engine (stinger.sourceforge.net)
- Developed by OWASP for J2EE environments

A2: Broken Access Control

A2: Broken Access Control (Examples)
Insecure IDs


A2: Broken Access Control (SSO example, flawed): issuing the cookie

    public void doGet(HttpServletRequest req, HttpServletResponse res) {
        // Get user name
        String userId = req.getRemoteUser();
        // Generate cookie with no encryption (and no integrity protection):
        // the client can simply edit the value to any other user's id
        Cookie ssoCookie = new Cookie("userid", userId);
        ssoCookie.setPath("/");
        ssoCookie.setDomain("cisco.com");
        res.addCookie(ssoCookie);
    } // end doGet

A2: Broken Access Control (SSO example, flawed): consuming the cookie

    public void doGet(HttpServletRequest req, HttpServletResponse res) {
        // Get user name from the cookie, trusting whatever the client sent
        Cookie[] cookies = req.getCookies();
        if (cookies == null) {
            return;   // no cookies on this request
        }
        for (int i = 0; i < cookies.length; i++) {
            Cookie cookie = cookies[i];
            if (cookie.getName().equals("userid")) {
                String userId = cookie.getValue();
                HttpSession session = req.getSession();
                session.setAttribute("userId", userId);
            } // end if
        } // end for
    } // end doGet

Whatever user id the browser presents becomes the session's identity: an attacker who changes the cookie value to another user's id is logged in as that user.

A2: Broken Access Control (SSO example, corrected): issuing the cookie

    public void doGet(HttpServletRequest req, HttpServletResponse res) {
        // Get user name
        String userId = req.getRemoteUser();
        // Encrypt the user ID before passing it
        // to the client as part of a cookie.
        String encryptedUserId = Encrypter.encrypt(userId);
        Cookie ssoCookie = new Cookie("userid", encryptedUserId);
        ssoCookie.setPath("/");
        ssoCookie.setDomain("cisco.com");
        res.addCookie(ssoCookie);
    } // end doGet

A2: Broken Access Control (SSO example, corrected): consuming the cookie

    public void doGet(HttpServletRequest req, HttpServletResponse res) {
        // Get user name
        Cookie[] cookies = req.getCookies();
        if (cookies == null) {
            return;   // no cookies on this request
        }
        for (int i = 0; i < cookies.length; i++) {
            Cookie cookie = cookies[i];
            if (cookie.getName().equals("userid")) {
                String encryptedUserId = cookie.getValue();
                String userId = Encrypter.decrypt(encryptedUserId);
                if (isValid(userId)) {
                    HttpSession session = req.getSession();
                    session.setAttribute("userId", userId);
                } // end if isValid
            } // end if cookie == userid
        } // end for
    } // end doGet

Encryption hides the id from the user, but on its own it does not stop tampering: what the access-control decision needs is that the client cannot change the value, which calls for a MAC (or an authenticated-encryption mode) over the cookie and a server-side check of the result. The cookie should also carry the Secure and HttpOnly flags, and every request must still be authorized against the identity in the server-side session.
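A tamper-evident SSO cookie, as an added example in Python (not the deck's Java code and not the Encrypter class the slides use). It keeps the slides' idea, an identity carried in a cookie, but binds the user id and an expiry to an HMAC under a server-side key, so that the edit shown on the flawed slide is detected. SERVER_KEY, the cookie layout and the user names are constructed for illustration; in a real deployment the key would come from a secret store.

```python
"""Tamper-evident SSO cookie: a keyed MAC instead of trusting the client's value.

Added example, not code from the original presentation. SERVER_KEY, the
cookie layout and the user names are constructed for illustration.
"""
import base64
import hashlib
import hmac
import time

SERVER_KEY = b"replace-with-32-random-bytes-from-os.urandom"  # assumption: server-side only
TTL_SECONDS = 8 * 3600


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def make_sso_cookie(user_id: str, now: float = None) -> str:
    """Return 'base64(user_id).expiry.base64(mac)'.

    The MAC covers both fields, so neither the id nor the expiry can be
    altered without the key.
    """
    now = time.time() if now is None else now
    expiry = str(int(now) + TTL_SECONDS)
    payload = f"{_b64(user_id.encode())}.{expiry}"
    mac = hmac.new(SERVER_KEY, payload.encode(), hashlib.sha256).digest()
    return f"{payload}.{_b64(mac)}"


def read_sso_cookie(cookie: str, now: float = None):
    """Return the user id if the cookie is authentic and unexpired, else None.

    Verification happens before the value is used for anything, and uses a
    constant-time comparison so the MAC cannot be guessed byte by byte.
    """
    now = time.time() if now is None else now
    try:
        uid_b64, expiry, mac_b64 = cookie.split(".")
        payload = f"{uid_b64}.{expiry}"
        expected = hmac.new(SERVER_KEY, payload.encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _unb64(mac_b64)):
            return None
        if int(expiry) < now:
            return None
        return _unb64(uid_b64).decode()
    except (ValueError, UnicodeDecodeError):
        return None


def forge_by_editing(cookie: str, new_user_id: str) -> str:
    """What the attacker on the flawed slide does: rewrite the id, keep the rest."""
    _, expiry, mac_b64 = cookie.split(".")
    return f"{_b64(new_user_id.encode())}.{expiry}.{mac_b64}"


if __name__ == "__main__":
    t0 = 1_700_000_000
    good = make_sso_cookie("jeff", now=t0)
    print(read_sso_cookie(good, now=t0))                            # jeff
    print(read_sso_cookie(forge_by_editing(good, "admin"), now=t0))  # None
    print(read_sso_cookie(good, now=t0 + TTL_SECONDS + 1))          # None
```

If the id must also be hidden from the user, encrypt the payload and then MAC the ciphertext (or use an AEAD mode); the verification order stays the same, MAC first, then use the value.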

A4: Cross Site Scripting (XSS)

A4: Cross Site Scripting (Description)
An attacker can use the cross site scripting technique to implant malicious script (into a server), which is then sent to unsuspecting users accessing the same server
- Example: chat server
The attacked user's (victim's) browser has no way to know that the script should not be trusted, and will execute the script
- Because it thinks the script came from a trusted source, the malicious script can access any cookies, session tokens, or other sensitive information retained by the browser and used with that site
- These scripts can even rewrite the content of the HTML page

A4: Cross Site Scripting (Description)
XSS attacks usually come in the form of embedded JavaScript
- However, any embedded active content is a potential source of danger, including: ActiveX (OLE), VBScript, Shockwave, ...

A4: Consequences of Cross Site Scripting (Examples)
- Disclosure of the user's session cookie: session hijacking
- Disclosure of end user files
- Installation of Trojan horse programs
- Redirecting the user to some other page or site
- Modifying presentation of content

A4: Cross Site Scripting (How to Find Them)
Search for all places where input from an HTTP request could possibly make its way into the HTML output

A4: Cross Site Scripting (Counter Measures)
Validate all inputs, especially those inputs that will later be used as parameters to OS commands, scripts, and database queries
It is particularly important for content that will be permanently stored somewhere
Users should not be able to create message content that could cause another user to load an undesirable page or undesirable content when the user's message is retrieved

A4: Cross Site Scripting (Counter Measures)
Validate input against a rigorous positive specification of what is expected
- Validation of all headers, cookies, query strings, form fields, and hidden fields (i.e., all parameters) against a rigorous specification of what should be allowed
- Negative or attack-signature based policies are difficult to maintain and are likely to be incomplete
- White-listing: a-z, A-Z, 0-9, etc.
- Truncate input fields to a reasonable length

A4: Cross Site Scripting (Counter Measures)
Encode user-supplied output
- Preventing inserted scripts from being transmitted to users in an executable form
Applications can gain significant protection from JavaScript-based attacks by converting the following characters in all generated output to the appropriate HTML entity encoding:
- from "<" to "&lt;"
- from ">" to "&gt;"
- from "(" to "&#40;"
- from ")" to "&#41;"
- from "#" to "&#35;"
- from "&" to "&#38;"
For values placed inside an HTML attribute, the quote characters must be encoded as well (" as &#34; and ' as &#39;), otherwise the value can close the attribute and start an event handler.

A4: Cross Site Scripting (Flawed)

    protected void doPost(HttpServletRequest req, HttpServletResponse res) {
        String title = req.getParameter("title");
        String message = req.getParameter("message");
        try {
            // Stored exactly as typed: a message containing JavaScript is saved
            // verbatim and later served to every reader of the chat.
            // (statement is a PreparedStatement prepared elsewhere; the
            // INSERT text is not on the slide.)
            statement.setString(1, title);
            statement.setString(2, message);
            statement.executeUpdate();
        } catch (Exception e) {
            // exception swallowed
        } // end catch
    } // end doPost

A4: Cross Site Scripting (Solution)

    private static String stripEvilChars(String evilInput) {
        Pattern evilChars = Pattern.compile("[^a-zA-Z0-9]");
        return evilChars.matcher(evilInput).replaceAll("");
    }

    protected void doPost(HttpServletRequest req, HttpServletResponse res) {
        // Do vigorous input validation
        String title = stripEvilChars(req.getParameter("title"));
        String message = stripEvilChars(req.getParameter("message"));
        try {
            // statement is a PreparedStatement prepared elsewhere, as before
            statement.setString(1, title);
            statement.setString(2, message);
            statement.executeUpdate();
        } catch (Exception e) {
            // exception swallowed
        } // end catch
    } // end doPost

Silently deleting every character outside [a-zA-Z0-9] does stop the script, but it also removes spaces and punctuation from legitimate messages. A positive check that rejects the input with an error, combined with entity encoding when the stored message is written into the page, keeps the content intact and protects every output context, not just this one.

Cross Site Scripting Demo

Demo Scenario (Stored XSS)
The server is a chat server
The chat server displays whatever message is typed in by a particular user to all other users
An attacker (user A) implants JavaScript as part of a message (message A)
The chat server saves the message (into the database or whatever storage) without input validation
When an unsuspecting user (user B) reads message A, the JavaScript will be executed

Demo Scenario (Reflected XSS)
Whatever is typed in by a user is reflected back to the browser
A malicious JavaScript will be reflected back to the browser

A5: Buffer Overflow

A5: Buffer Overflow Errors (Description)
Attackers use buffer overflows to corrupt the execution stack of a web application
- By sending carefully crafted input to a web application, an attacker can cause the web application to execute arbitrary code
Buffer overflow flaws can be present in both the web server or application server products and the web application itself
Not generally an issue with Java apps
- The JVM checks array bounds and types at runtime, so pure Java code cannot overrun a buffer
- Native code reached through JNI, the JVM itself, and the web server in front of it are still native programs and can have buffer overflows

A6: Injection Flaws

A6: Injection Flaws (Description)
Injection flaws allow attackers to relay malicious code through a web application to another system
- Calls to the operating system via system calls
- The use of external programs via shell commands
- Calls to backend databases via SQL (i.e., SQL injection)
Any time a web application uses an interpreter of any type, there is a danger of an injection attack

A6: Injection Flaws (Description)
Many web applications use operating system features and external programs to perform their functions
- Runtime.exec() to external programs (like sendmail)
When a web application passes information from an HTTP request through as part of an external request, the attacker can inject special (meta) characters, malicious commands, or command modifiers into the information

A6: Injection Flaws (Example)
SQL injection is a particularly widespread and dangerous form of injection
- To exploit a SQL injection flaw, the attacker must find a parameter that the web application passes through to a database
- By carefully embedding malicious SQL commands into the content of the parameter, the attacker can trick the web application into forwarding a malicious query to the database

A6: Injection Flaws (Examples)
Path traversal
- "../" characters as part of a filename request
Additional commands could be tacked on to the end of a parameter that is passed to a shell script to execute an additional shell command
- "; rm -r *"
SQL queries could be modified by adding additional constraints to a where clause
- "OR 1=1"

A6: Injection Flaws (How to Find Them)
Search the source code for all calls to external resources
- e.g., system, exec, fork, Runtime.exec, SQL queries, or whatever the syntax is for making requests to interpreters in your environment

A6: Injection Flaws (Counter Measures)
Avoid accessing external interpreters wherever possible
- Use library APIs instead
Structure requests in a manner that ensures that all supplied parameters are treated as data, rather than potentially executable content

A6: SQL Injection (Counter Measures)
When making calls to backend databases, carefully validate the data provided to ensure that it does not contain any malicious content
Use PreparedStatement or stored procedures
- A PreparedStatement only helps when the value is bound with setString/setInt; concatenating it into the query text first defeats the purpose
- A stored procedure that builds dynamic SQL from its arguments is just as injectable as inline SQL

SQL Injection Demo

Demo Scenario
A user accesses the database through a web server to view his credit card number by giving a userid
The web server builds an SQL query to the database server using the user-entered userid without performing any input validation
An attacker sends "... OR 1=1" as part of the userid
The database server displays all users

A7: Improper Error Handling

A7: Improper Error Handling (Description)
The most common problem is when detailed internal error messages such as stack traces, database dumps, and error codes are displayed to a potential hacker
- These messages reveal implementation details that should never be revealed
Other errors can cause the system to crash or consume significant resources, effectively denying or reducing service to legitimate users
Left-overs from the debugging process
Inconsistent errors may reveal internal information
- e.g. a login that answers "no such user" for one name and "wrong password" for another tells the attacker which user names exist

A7: Improper Error Handling (Counter Measures)
The errors must be handled according to a well thought out scheme that will
- provide a meaningful error message to the user
- provide diagnostic information to the site maintainers
- provide no useful information to an attacker
All security mechanisms should deny access until specifically granted, not grant access until denied

A7: Improper Error Handling (Counter Measures)
Good error handling mechanisms should be able to handle any feasible set of inputs, while enforcing proper security
Error handling should not focus solely on input provided by the user, but should also include any errors that can be generated by internal components such as system calls, database queries, or any other internal functions

A7: Improper Error Handling (Counter Measures)
A specific policy for how to handle errors should be documented, including
- The types of errors to be handled
- An architect should play a role in coming up with and enforcing a company-wide policy

A7: Improper Error Handling (Counter Measures)
In the implementation, ensure that the site is built to gracefully handle all possible errors.
- When errors occur, the site should respond with a specifically designed result that is helpful to the user without revealing unnecessary internal details.
- Certain classes of errors should be logged to help detect implementation flaws in the site and/or hacking attempts.

A7: Improper Error Handling (Counter Measures)
Very few sites have any intrusion detection capabilities in their web application, but it is certainly conceivable that a web application could track repeated failed attempts and generate alerts
- Note that the vast majority of web application attacks are never detected because so few sites have the capability to detect them. Therefore, the prevalence of web application security attacks is likely to be seriously underestimated
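The error-handling scheme the counter-measure slides describe, as an added example in Python (not the deck's servlet code, whose error-handling slides did not survive extraction): one handler that gives the user a fixed message plus an incident id, gives the maintainers the full exception under that id, gives the attacker nothing, and keeps login failures indistinguishable; plus the failed-attempt tracker the last slide says few sites have. The exception classes, the log sink, the client key and the threshold are constructed for illustration.

```python
"""Error handling that tells the user something useful, the maintainers
everything, and the attacker nothing, plus failed-attempt alerting.

Added example, not code from the original presentation. The exception types,
the threshold and the client identifiers are constructed for illustration.
"""
import logging
import traceback
import uuid
from collections import defaultdict

log = logging.getLogger("app")


class AuthFailure(Exception):
    """Raised by the login code when credentials are wrong, for whatever reason."""


def handle_error(exc: Exception) -> dict:
    """Map any exception to a client response, logging the detail server-side.

    The client sees a fixed message and an incident id; the stack trace, the
    exception class and its message go only to the maintainers' log, keyed by
    the same id so a support ticket can be matched to the log entry.
    """
    incident = uuid.uuid4().hex[:12]
    detail = "".join(traceback.format_exception(type(exc), exc, exc.__traceback__))
    log.error("incident %s: %s", incident, detail)
    if isinstance(exc, AuthFailure):
        # One message for 'no such user' and 'wrong password': inconsistent
        # errors would let an attacker enumerate valid user names.
        return {"status": 401, "body": {"error": "Login failed", "incident": incident}}
    return {"status": 500,
            "body": {"error": "Request could not be processed", "incident": incident}}


class FailedAttemptMonitor:
    """Counts consecutive failures per client and reports when a threshold is hit."""

    def __init__(self, threshold: int = 5):
        self.threshold = threshold
        self.failures = defaultdict(int)
        self.alerts = []

    def record(self, client: str, succeeded: bool) -> None:
        """Record one attempt; a success resets the client's counter."""
        if succeeded:
            self.failures.pop(client, None)
            return
        self.failures[client] += 1
        if self.failures[client] == self.threshold:
            self.alerts.append(client)
            log.warning("ALERT: %d consecutive failures from %s", self.threshold, client)


if __name__ == "__main__":
    logging.basicConfig(level=logging.INFO)
    print(handle_error(AuthFailure("no such user: bob")))
    print(handle_error(RuntimeError("ORA-01017 at /srv/app/db.py:42")))
    monitor = FailedAttemptMonitor(threshold=3)
    for _ in range(3):
        monitor.record("10.0.0.7", False)
    print(monitor.alerts)
```

The client-facing body never contains the exception text, so a database error code or a file path cannot leak through it; whoever holds the incident id and log access can still see exactly what happened.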

What's Wrong With This Picture?

A7: Improper Error Handling (Flaw)

    protected void doPost(HttpServletRequest req, HttpServletResponse res) {
        String query = "SE

A7: Improper Error Handling (Solution)

    protected void doPost(HttpServletRequest req, HttpServletResponse res) {
        String query = "SE

A9: Application Denial of Service (DoS)

A9: Application DoS (Description)
Types of resources
- Bandwidth, database connections, disk storage, CPU, memory, threads, or application-specific resources
Application-level resources
- Heavy object allocation/reclamation
- Overuse of logging
- Unhandled exceptions
- Unresolved dependencies on other systems: web services, databases

A9: Application DoS (How to Determine Your Vulnerability)
Load testing tools, such as JMeter, can generate web traffic so that you can test certain aspects of how your site performs under heavy load
- Certainly one important test is how many requests per second your application can field
- Testing from a single IP address is useful as it will give you an idea of how many requests an attacker will have to generate in order to damage your site
To determine if any resources can be used to create a denial of service, you should analyze each one to see if there is a way to exhaust it

A9: Application DoS (Counter Measures)
Limit the resources allocated to any user to a bare minimum
Consider only handling one request per user at a time by synchronizing on the user's session
- Consider dropping any requests that you are currently processing for a user when another request from that user arrives
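The per-user limit from the counter-measure slide, as an added example in Python (not the deck's code; in a servlet container this logic would sit in a filter keyed on the session id, here the session is just a string). The limiter admits at most a fixed number of in-flight requests per user and refuses the rest instead of queueing them; the limit and the sample users are constructed for illustration.

```python
"""Per-user in-flight request limit: at most `limit` concurrent requests per user.

Added example, not code from the original presentation. The session keys and
the limit are constructed for illustration.
"""
import threading


class PerUserLimiter:
    """Admits at most `limit` concurrent requests per user; refuses the rest."""

    def __init__(self, limit: int = 1):
        self.limit = limit
        self._lock = threading.Lock()
        self._in_flight = {}

    def try_acquire(self, user: str) -> bool:
        """Reserve a slot for this user, or return False without blocking."""
        with self._lock:
            if self._in_flight.get(user, 0) >= self.limit:
                return False          # reject (e.g. HTTP 429/503) instead of queueing
            self._in_flight[user] = self._in_flight.get(user, 0) + 1
            return True

    def release(self, user: str) -> None:
        """Free the slot; must be called exactly once per successful acquire."""
        with self._lock:
            n = self._in_flight.get(user, 0) - 1
            if n <= 0:
                self._in_flight.pop(user, None)
            else:
                self._in_flight[user] = n

    def in_flight(self, user: str) -> int:
        with self._lock:
            return self._in_flight.get(user, 0)


def handle(limiter: PerUserLimiter, user: str, work):
    """Wrap a request handler: returns ('ok', result) or ('rejected', None).

    The finally clause guarantees the slot is returned even if the handler
    raises, so an exception cannot leave a user locked out.
    """
    if not limiter.try_acquire(user):
        return ("rejected", None)
    try:
        return ("ok", work())
    finally:
        limiter.release(user)


if __name__ == "__main__":
    limiter = PerUserLimiter(limit=1)
    assert limiter.try_acquire("session-A")
    print(handle(limiter, "session-A", lambda: "second request"))   # rejected
    limiter.release("session-A")
    print(handle(limiter, "session-A", lambda: "second request"))   # ok
```

Rejecting the newcomer is the simple half of the slide's advice; dropping the request already being processed needs cooperative cancellation in the handler, which is why the limiter is written to refuse rather than cancel.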

A9: Application DoS (Counter Measures)

Other Web Application Security Threats

Other Web Application Security Threats
Unnecessary and Malicious Code
Broken Thread Safety and Concurrent Programming
Unauthorized Information Gathering
Accountability Problems and Weak Logging
Data Corruption
Broken Caching, Pooling, and Reuse

Broken Thread Safety Demo

Demo Scenario
A servlet uses a static variable called currentUser to set the username and then displays the value of it
A servlet can be accessed by multiple clients: the container runs one instance and serves each request on its own thread
The servlet is not written to be multi-thread safe
The shared variable is subject to a race condition
- Browser A sets the username to jeff
- Browser B sets the username to dave
- If these two browsers access the servlet at almost the same time, both browsers display one of the two names
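The race from the demo scenario reproduced deterministically, as an added example in Python's threading module (not the deck's servlet code). A barrier forces the interleaving the slide describes, both requests set the name before either displays it, so the cross-talk shows up on every run instead of by luck; the fixed version keeps the user in a local variable. The class names and user names are constructed for illustration.

```python
"""Broken thread safety: a shared currentUser field versus per-request local state.

Added example, not code from the original presentation. The barrier forces the
interleaving the demo describes so the race is reproduced deterministically.
"""
import threading


class SharedStateServlet:
    """Mimics a servlet that stores the request's user in a field shared by all threads."""
    current_user = None          # one field for the whole application

    def do_get(self, username, barrier):
        SharedStateServlet.current_user = username   # "set the username"
        barrier.wait()                               # the other request runs here
        return f"Hello {SharedStateServlet.current_user}"


class LocalStateServlet:
    """Same handler with the user kept in a local variable (or request/session scope)."""

    def do_get(self, username, barrier):
        current_user = username
        barrier.wait()
        return f"Hello {current_user}"


def serve_concurrently(servlet, usernames):
    """Run one request per username on its own thread; return {username: response}."""
    barrier = threading.Barrier(len(usernames))
    responses = {}
    lock = threading.Lock()

    def worker(name):
        reply = servlet.do_get(name, barrier)
        with lock:
            responses[name] = reply

    threads = [threading.Thread(target=worker, args=(u,)) for u in usernames]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    return responses


def cross_talk(responses):
    """Names of users who were shown somebody else's name."""
    return sorted(u for u, r in responses.items() if r != f"Hello {u}")


if __name__ == "__main__":
    print(serve_concurrently(SharedStateServlet(), ["jeff", "dave"]))   # one name for both
    print(serve_concurrently(LocalStateServlet(), ["jeff", "dave"]))    # each gets their own
```

A lock around the field would also remove the cross-talk, but it serializes every request; not sharing per-request data in the first place is both safer and faster.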

Principles of Secure Programming

Principles of Secure Programming
1. Minimize attack surface area
2. Secure defaults
3. Principle of least privilege
4. Principle of defense in depth
5. Fail safely
6. External systems are insecure
7. Separation of duties
8. Do not trust security through obscurity
9. Simplicity
10. Fix security issues correctly

Minimize Attack Surface Area
The aim for secure development is to reduce the overall risk by reducing the attack surface area
Every feature that is added to an application adds a certain amount of risk to the overall application
- The value of adding a feature needs to be assessed from a security risk standpoint

Secure Defaults
There are many ways to deliver an "out of the box" experience for users. However, by default, the experience should be secure, and it should be up to the user to reduce their security if they are allowed
Example:
- By default, password aging and complexity should be enabled
- Users might be allowed to turn off these two features to simplify their use of the application

Principle of Least Privilege
Accounts have the least amount of privilege required to perform their business processes.
- This encompasses user rights, resource permissions such as CPU limits, memory, network, and file system permissions
Example
- If a middleware server only requires access to the network, read access to a database table, and the ability to write to a log, this describes all the permissions that should be granted

Principle of Defense in Depth
Controls, when used in depth, can make severe vulnerabilities extraordinarily difficult to exploit and thus unlikely to occur.
- With secure coding, this may take the form of tier-based validation, centralized auditing controls, and requiring users to be logged on on all pages

Fail Safely
Applications regularly fail to process transactions for many reasons. How they fail can determine if an application is secure or not.
Example: In the code below, if codeWhichMayFail() fails, the attacker gets admin privilege

    isAdmin = true;
    try {
        codeWhichMayFail();
        isAdmin = isUserInRole("Administrator");
    } catch (Exception ex) {
        log.write(ex.toString());
    }

The exception is logged and swallowed, so isAdmin keeps its initial value of true. The safe form starts from isAdmin = false and either leaves it false or aborts the request when the check cannot be completed.
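The slide's snippet in both its fail-open and fail-closed forms, as an added example in Python (the slide's code is Java). The role lookup and its failure are simulated with a constructed directory; nothing here talks to a real directory service.

```python
"""Fail closed: the slide's isAdmin pattern, fail-open and fail-closed side by side.

Added example, not code from the original presentation. The role lookup and
the directory are constructed stand-ins.
"""
import logging

log = logging.getLogger("authz")


class DirectoryUnavailable(Exception):
    """Stands in for the exception that codeWhichMayFail() on the slide may throw."""


def is_user_in_role(user, role, directory):
    """Role lookup that raises when the directory cannot be reached."""
    if directory is None:
        raise DirectoryUnavailable("directory down")
    return role in directory.get(user, ())


def is_admin_fail_open(user, directory):
    """The slide's flaw: the default is True and an exception leaves it there."""
    is_admin = True
    try:
        is_admin = is_user_in_role(user, "Administrator", directory)
    except Exception as ex:              # swallowed, exactly as on the slide
        log.warning("role check failed: %s", ex)
    return is_admin


def is_admin_fail_closed(user, directory):
    """Deny until specifically granted: the default is False and errors keep it False."""
    is_admin = False
    try:
        is_admin = is_user_in_role(user, "Administrator", directory)
    except Exception as ex:
        # is_admin stays False; a caller may additionally abort the whole request
        log.warning("role check failed for %s: %s", user, ex)
    return is_admin


# Constructed directory: only 'root' holds the Administrator role.
DIRECTORY = {"root": ("Administrator",), "mallory": ("User",)}

if __name__ == "__main__":
    print(is_admin_fail_open("mallory", DIRECTORY))    # False: lookup worked
    print(is_admin_fail_open("mallory", None))         # True: the flaw
    print(is_admin_fail_closed("mallory", None))       # False
    print(is_admin_fail_closed("root", DIRECTORY))     # True
```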

External Systems Are Insecure
Implicit trust of externally run systems is not warranted
- All external systems should be treated in a similar fashion
Example:
- A loyalty program provider provides data that is used by Internet Banking, providing the number of reward points and a small list of potential redemption items
- However, the data should be checked to ensure that it is safe to display to end users, and that the reward points are a positive number, and not improbably large

Separation of Duties
A key fraud control is separation of duties
Certain roles have different levels of trust than normal users
- In particular, administrators are different from normal users. In general, administrators should not be users of the application
Example
- An administrator should be able to turn the system on or off and set password policy, but shouldn't be able to log on to the storefront as a super-privileged user, such as being able to buy goods on behalf of other users.

Do Not Trust Security Through Obscurity
Security through obscurity is a weak security control, and nearly always fails when it is the only control
- This is not to say that keeping secrets is a bad idea, it simply means that the security of key systems should not be reliant upon keeping details hidden
Example
- The security of an application should not rely only on knowledge of the source code being kept secret
- The security of an application should rely upon many other factors, including reasonable password policies, defense in depth, business transaction limits, solid network architecture, and fraud and audit controls

Simplicity
Attack surface area and simplicity go hand in hand. Certain software engineering fads prefer overly complex approaches to what would otherwise be relatively straightforward and simple code.
Example
- Although it might be fashionable to have a slew of singleton entity beans running on a separate middleware server, it is more secure and faster to simply use global variables with an appropriate mutex mechanism to protect against race conditions.

Fix Security Issues Correctly
Once a security issue has been identified, it is important to develop a test for it, and to understand the root cause of the issue
Example
- A user has found that they can see another user's balance by adjusting their cookie. The fix seems to be relatively straightforward, but as the cookie handling code is shared amongst all applications, a change to just one application will trickle through to all other applications. The fix must therefore be tested on all affected applications.

Tools

Tools
WebScarab - a web application vulnerability assessment suite including proxy tools
Validation Filters (Stinger for J2EE, filters for PHP) - generic security boundary filters that developers can use in their own applications
CodeSpy - looks for security issues using reflection in J2EE apps

Tools
CodeSeeker - a commercial-quality application-level firewall and Intrusion Detection System that runs on Windows and Linux and supports IIS, Apache and iPlanet web servers
WebGoat - an interactive training and benchmarking tool with which users can learn about web application security in a safe and legal environment
WebSphinx - web crawler looking for security issues in web applications
WASP Portal - our own Java-based portal code designed with security as a prime concern

Web Application Security Threats and Counter Measures

Sang Shin, [email protected]
www.javapassion.com
Java Technology Evangelist