Programming Microsoft ASP.NET 2.0 Core Reference
Where the Threats Come From
The concept of security implies the presence of an enemy we're protecting ourselves against. Table 15-1 summarizes the most common types of Web attacks.
| Attack | Description |
|---|---|
| Cross-site scripting (XSS) | Untrusted user input is echoed to the page. |
| Denial of service (DoS) | The attacker floods the network with fake requests, overloading the system and blocking regular traffic. |
| Eavesdropping | The attacker uses a sniffer to read unencrypted network packets as they are transported on the network. |
| Hidden-field tampering | The attacker compromises unchecked (and trusted) hidden fields stuffed with sensitive data. |
| One-click | Malicious HTTP posts are sent via script. |
| Session hijacking | The attacker guesses or steals a valid session ID and connects over another user's session. |
| SQL injection | The attacker inserts malicious input that the code blissfully concatenates to form dangerous SQL commands. |
The bottom line is that whenever you insert any sort of user input into the browser's markup, you potentially expose yourself to a code-injection attack, whether a variation of SQL injection or of XSS. In addition, sensitive data should never be sent across the wire (let alone as clear text) and must be stored safely on the server.
If there's a way to write a bulletproof and tamper-resistant application, it can only consist of the combination of the following measures:
- Coding practices: data validation, type and buffer length checking, and anti-tampering measures
- Data access strategies: using roles to ensure the weakest possible account, and using stored procedures or at least parameterized commands
- Effective storage and administration: no sending of critical data down to the client, using hash codes to detect manipulation, authenticating users and protecting identities, and applying rigorous policies for passwords
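One way to apply the "hash codes to detect manipulation" measure to the hidden-field tampering case from Table 15-1, as an added example that is not code from the book: the server appends a keyed hash (HMAC) to the value before rendering it and rejects the field on postback if the hash no longer matches. `HiddenFieldGuard` is a hypothetical helper name, and the key literal is a placeholder assumption standing in for a secret read from server-side configuration.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Added example, not from the book. A keyed hash is required: with a plain
// unkeyed hash the client could simply recompute it after changing the value.
// The key below is a PLACEHOLDER; real code loads a secret from protected
// server-side configuration and never hard-codes it.
public static class HiddenFieldGuard
{
    private static readonly byte[] Key = Encoding.UTF8.GetBytes("replace-with-server-secret");

    // Value to emit into the hidden field: "<value>|<hex hmac>".
    public static string Protect(string value)
    {
        return value + "|" + Mac(value);
    }

    // Returns the original value, or null if the field is missing, malformed,
    // or was altered on the client.
    public static string Unprotect(string field)
    {
        if (field == null) return null;
        int sep = field.LastIndexOf('|');
        if (sep < 0) return null;
        string value = field.Substring(0, sep);
        string mac = field.Substring(sep + 1);
        // Compare every character so timing does not reveal how much matched.
        return FixedTimeEquals(mac, Mac(value)) ? value : null;
    }

    private static string Mac(string value)
    {
        using (HMACSHA256 h = new HMACSHA256(Key))
        {
            byte[] digest = h.ComputeHash(Encoding.UTF8.GetBytes(value));
            return BitConverter.ToString(digest).Replace("-", "");
        }
    }

    private static bool FixedTimeEquals(string a, string b)
    {
        if (a.Length != b.Length) return false;
        int diff = 0;
        for (int i = 0; i < a.Length; i++) diff |= a[i] ^ b[i];
        return diff == 0;
    }
}
```

In a page, render with `hidPrice.Value = HiddenFieldGuard.Protect("19.99")` and read back with `HiddenFieldGuard.Unprotect(hidPrice.Value)`, treating a null result as a tampered request rather than falling back to the raw field.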
As you can see, a secure application can result only from the combined efforts of developers, architects, and administrators. Don't imagine that you can get it right otherwise.