Visual Basic Developer[ap]s Guide to ASP and IIS

Chapter 5 - Securing an IIS Application

Visual Basic Developers Guide to ASP and IIS
A. Russell Jones
  Copyright 1999 SYBEX Inc.
Improve Site Security
You've implemented the rudiments of sign-on/password security, but there are some serious security holes in the site. First, the way the project is set up, you have to provide write access to the application so it can write the registration file. That's a bad security practice because it's relatively easy to fool a server into writing files. Someone might manage to upload malevolent code onto your server. Worse yet, try typing this URL into your browser (you will need to substitute your own server name and virtual directory name):
http://myServer/SecuredSite/registration.txt
Bad isn't it? Any person who knows the name of the registration file could obtain all the sign-ons and passwords.
Second, anybody can register—and there's little point in providing security if you then let anyone in who can invent a sign-on and password, unless you're just trying to capture personal information, such as contact information for visitors to your site. It would be much better to have a site administrator assign sign-ons to individuals. If you're really looking for good security, you should assign passwords as well, because people tend to select easy-to-guess passwords or to reuse them in many places.
Here are several ways you could improve the security for the site:
  Move the registration file to a directory outside of your Web root and outside of your File Transfer Protocol (FTP) root. That way, people won't be able to find it easily.
  Change the method for storing registration information from a file-based system to a secured database.
  Add administrative options to assign sign-ons and passwords.
  Add automatic password changes after a specific period of time has elapsed. For example, you might force people to change passwords each month, with a one-week grace period. People with expired passwords would need to contact an administrator to obtain a new one.
  Use NT user- or group-level security to restrict access to the directory. You'll see more about this in the next section. If you do this, you may not need sign-on and password security in your application; you can use the NT security instead.
Related

Категории