Communication Security: Web Based Services • Chapter 5 305
Limit Access and Back up Your Site
Damage & Defense…
Hackers may attack a site for different reasons. Some may simply poke around, look at what is there, and leave, whereas others may modify or destroy data on the site. Some malicious hackers may modify a site so that sensitive material is not destroyed, but the effects are more akin to graffiti. This was the case when data was modified on the Web site of the Royal Canadian Mounted Police (RCMP). Cartoon images appeared on the site, showing RCMP officers riding pigs rather than horses. Although the images were quickly fixed by simply uploading the original content to the server, this case illustrates the need to set proper permissions on directories and regularly back up a site.
Often, content is created on one computer and then transferred to the actual Web site (unless a program such as FrontPage is used, which allows you to work directly on the Web site). In many cases, the administrator may feel this is enough, since they will have a copy of the content on the machine where it was originally created. That copy, however, does not include anything that was added or changed on the server itself, such as configuration files, files uploaded by users, or edits made directly on the site. By backing up the live site as well, they are ensuring that if a script, applet, or component is misused, the site can be restored and repaired quickly.
Before a problem occurs (and especially after one happens), the administrator should review permissions to determine whether anonymous or low-level users have more access than they should. If they can write to a directory or execute files in it, that is probably too much access (depending on the directory in question). In any case, administrators should give users no more access to a directory than they need, and directories lower in the hierarchy should be checked to ensure that they do not have excessive permissions simply because of their location. A directory lower in the hierarchy normally inherits the permissions of its parent directory, so a subdirectory can end up with a high level of access that you never intended to grant it. The review therefore has to be recursive: checking only the top-level directories is not enough.
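The permission review described above, as an added example that is not from the book: a small shell audit of a Unix-style document root that reports every directory writable by "other" (anonymous or low-privilege users), every executable file sitting inside such a directory, and then tightens both. The document root path is an assumption; run it against your real one. Because `find` is recursive, a subdirectory that picked up excessive permissions from its parent is reported alongside the parent, which is exactly the inheritance problem the text warns about.

```shell
# Added example (not from the book). Audits a document root for the two
# conditions the text warns about: directories that low-privilege users can
# write to, and executable files inside such directories. Paths are assumed.

# List every directory under $1 whose "other" write bit is set (mode -002).
# The search is recursive, so a subdirectory that inherited the bit from its
# parent is reported alongside the parent.
world_writable_dirs() {
    find "$1" -type d -perm -002 | sort
}

# List regular files that are executable by "other" (mode -001) and live
# directly inside a world-writable directory. That is the combination a CGI
# directory would honour: anyone can drop a script there and it can run.
executables_in_writable_dirs() {
    world_writable_dirs "$1" | while IFS= read -r dir; do
        find "$dir" -maxdepth 1 -type f -perm -001
    done | sort
}

# Remediation: clear the execute bit on every flagged file first (the file
# list depends on the directory list), then clear the "other" write bit on
# every flagged directory. Prints each change it makes.
tighten_webroot() {
    executables_in_writable_dirs "$1" | while IFS= read -r f; do
        chmod o-x "$f" && printf 'chmod o-x %s\n' "$f"
    done
    world_writable_dirs "$1" | while IFS= read -r d; do
        chmod o-w "$d" && printf 'chmod o-w %s\n' "$d"
    done
}

# Typical use (document root is an assumption):
#   world_writable_dirs /var/www/html          # review the report first
#   tighten_webroot /var/www/html              # then apply the fix
# Note: this only looks at the "other" bits. A directory the web server's
# own account must write to (an upload area) should be owner- or
# group-writable for that account, which this check deliberately leaves alone.
```

Review the report before running the fix: an upload directory that must stay writable should be writable by the web server's own account (owner or group bits), not by everyone. On Windows the equivalent review is of NTFS ACLs; `icacls <dir> /T` walks the tree and marks inherited entries with `(I)`, so the same recursive check applies.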
In evaluating the security of a site, you should also identify any accounts that are no longer used or needed. A user account may be created for a database or to access a directory on a Web site, but after a time, it is no longer used. Such accounts should be deleted if there is no need for them, and any accounts that are needed should have strong passwords. By limiting the avenues of attack, you make it increasingly difficult for a hacker to exploit vulnerabilities.
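The dormant-account review described above, as an added example that is not from the book: a shell function that reads an `/etc/passwd`-style file and a table of last-login times and reports every account that has not been used in more than N days, or has never logged in at all. The last-login table format (`name epoch-seconds`) and the sample accounts are constructed for the example; on a real host you would build that table from `lastlog` or your authentication logs.

```shell
# Added example (not from the book). Reports accounts that have gone unused
# for more than a threshold, so they can be deleted or locked. The
# "name epoch-of-last-login" input format is an assumption for this example.
#
# stale_accounts PASSWD_FILE LASTLOGIN_FILE THRESHOLD_DAYS NOW_EPOCH
# Output: one "name<TAB>days-since-login" line per stale account, sorted;
# an account with no recorded login at all is reported as "never".
# Accounts whose shell is nologin or false are already disabled and skipped.
stale_accounts() {
    awk -v days="$3" -v now="$4" '
        FILENAME == ARGV[1] { last[$1] = $2; next }   # last-login table
        {
            split($0, f, ":")                         # passwd fields
            name = f[1]; shell = f[7]
            if (shell ~ /(nologin|false)$/) next      # already disabled
            t = (name in last) ? last[name] : 0
            if (t == 0)
                printf "%s\tnever\n", name
            else if (now - t > days * 86400)
                printf "%s\t%d\n", name, int((now - t) / 86400)
        }' "$2" "$1" | sort
}

# Typical use on a live host (last-logins.txt built from lastlog/auth logs,
# which is an assumption about how you collect that data):
#   stale_accounts /etc/passwd last-logins.txt 90 "$(date +%s)"
```

Treat the output as a review list rather than a kill list: an account such as a database import user may be legitimately dormant between batch runs. What the text asks for is that each reported account is either removed (`userdel`) or kept deliberately with a strong password.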
Because of the possible damage a Java applet, JavaScript, or ActiveX component
can do to a network in terms of threatening security or attacking machines, many
companies filter out applets completely. Firewalls can be configured to filter out
applets, scripts, and components so that they are removed from an HTML docu-
www.syngress.com