
Communication Security: Web Based Services • Chapter 5  347

Web browsers are a potential threat to security. Early browser programs were fairly simple, but today's browsers are complex: they are capable not only of displaying text and graphics but also of playing sound files and movies and running executable code. The browser software also usually stores information about the computer on which it is installed and about the user (data stored as cookies on the local hard disk), which can be uploaded to Web servers, either deliberately by the user or in response to code on a Web site without the user's knowledge.

ActiveX controls are programs that can run on Web pages or as self-standing programs. Essentially, ActiveX is Microsoft's implementation of Java. ActiveX controls can be used to run attacks on a machine if they are created by malicious programmers.

A cookie is a kind of token or message that a Web site hands off to a Web browser to help track a visitor between clicks. The browser stores the message on the visitor's local hard disk in a text file. The file contains information that identifies the user and their preferences or previous activities at that Web site.

FTP Security


Another part of Internet-based security one should consider is FTP-based traffic. FTP is an Application Layer protocol within the TCP/IP protocol suite that allows transfer of data.

Active FTP uses port 21 as the control port and port 20 as the data port.

Passive FTP is initiated by the client by sending a PASV command to the server and uses ephemeral ports (ports above 1023, which are temporarily assigned) that are set up using the PORT command to transfer data.

Anonymous connections to servers running the FTP process allow the attacking station to download a virus, overwrite a file, or abuse trusts that the FTP server has in the same domain.

FTP is like Telnet in that the credentials and data are sent in cleartext, so if captured via a passive attack like sniffing, they can be exploited to provide unauthorized access.
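The FTP points above (cleartext USER/PASS, anonymous logins, and the ephemeral data ports negotiated by PASV replies and PORT commands) can be checked from a captured control-channel transcript. The following is an added example for this summary, not code from the book; the session text, host addresses and credentials are constructed for illustration.

```python
import re

# Constructed sample FTP control-channel transcript (port 21), as a sniffer on the
# network path would see it; the hosts (192.0.2.x) and credentials are made up.
SAMPLE_SESSION = """\
220 ftp.example.test FTP server ready
USER anonymous
331 Please specify the password.
PASS guest@example.test
230 Login successful.
PASV
227 Entering Passive Mode (192,0,2,10,195,80)
PORT 192,0,2,25,4,1
200 PORT command successful.
"""

PASV_RE = re.compile(r"\((\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\)")
PORT_RE = re.compile(r"^PORT (\d+),(\d+),(\d+),(\d+),(\d+),(\d+)$")

def data_endpoint(groups):
    """Decode the h1,h2,h3,h4,p1,p2 form used by PASV replies and PORT commands."""
    host = ".".join(groups[:4])
    port = int(groups[4]) * 256 + int(groups[5])
    return host, port

def audit_ftp_session(text):
    """Walk a captured control-channel transcript and report the exposures the
    chapter lists: cleartext credentials, anonymous login, data-channel ports."""
    findings = []
    for line in text.splitlines():
        if line.startswith("USER "):
            user = line[5:]
            findings.append(("cleartext-user", user))
            if user.lower() == "anonymous":
                findings.append(("anonymous-login", user))
        elif line.startswith("PASS "):
            findings.append(("cleartext-password", line[5:]))
        elif line.startswith("227 "):  # server's PASV reply carries the data port
            m = PASV_RE.search(line)
            if m:
                host, port = data_endpoint(m.groups())
                findings.append(("passive-data-port", (host, port, port > 1023)))
        else:  # client's PORT command (active mode) names its own listening port
            m = PORT_RE.match(line)
            if m:
                host, port = data_endpoint(m.groups())
                findings.append(("active-data-port", (host, port, port > 1023)))
    return findings
```

The third element of each data-port finding records whether the negotiated port is in the ephemeral range above 1023, which is what a firewall rule for passive FTP has to allow.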








                                                                              www.syngress.com