Improving Web Application Security: Threats and Countermeasures
Examine the way that your application handles error conditions. It is recommended that you consistently use structured exception handling. Also, check that your application does not reveal too much information when an exception occurs. Table 5.9 shows the two major exception management vulnerabilities.
| Vulnerability | Implications |
|---|---|
| Failing to use structured exception handling | Your application is more susceptible to denial of service attacks and logic flaws, which can expose security vulnerabilities. |
| Revealing too much information to the client | An attacker can use this information to help plan and tune subsequent attacks. |
Review the following questions to help ensure that your design is not susceptible to exception management security vulnerabilities:
-
Do you use structured exception handling?
-
Do you reveal too much information to the client?
Do You Use Structured Exception Handling?
Examine how your application uses structured exception handling. Your design should mandate that structured exception handling be used consistently throughout the entire application. This creates more robust applications and your application is less likely to be left in inconsistent states that can reveal security vulnerabilities.
Do You Reveal Too Much Information to the Client?
Make sure that a malicious user cannot exploit the overly detailed information that an error message contains. Review the following points:
-
Do you catch, handle, and log exceptions on the server?
Make sure that the application does not let internal exception conditions propagate beyond the application boundary. Exceptions should be caught and logged on the server and, if necessary, generic error messages should be returned to the client.
-
Do you use a centralized exception management system?
The best way to handle and log exceptions consistently throughout your application is to use a formalized exception management system. You can also tie this system into monitoring systems that can be used by the operations team for health and performance monitoring.
-
Have you defined a set of custom error messages?
Your design should define the custom error messages will be used by your application when critical errors occur. Make sure they do not contain any sensitive items of data that could be exploited by a malicious user.
For more information about designing and implementing an exception management framework for .NET applications, see MSDN article, "Exception Management in .NET," at http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnbda/html/exceptdotnet.asp .
Категории