A Short brief on website protection

The typical purposes of hacker attacks are:

• Stealing secret information (passwords, etc.)
• Gaining access to confidential information
• Hacking sites and deleting data
• Replacing the content of a website
• Injecting advertising information
• Theft of traffic

Web server attacks can be divided into two categories: local and global.

Local attacks are usually aimed at stealing information from, or gaining control of, a single web server.
Global attacks are usually aimed at several websites at once, with the goal of infecting all of their visitors.

The most dangerous types of network attacks

Phishing

A type of attack that begins with the distribution of e-mail messages containing a link to a known resource (or something that imitates such a link). The design of the genuine web page is usually copied. The falsified page can, for example, state that the bank where you have an account wants you to verify your access security, and ask you to enter your credit card number and PIN code. After you enter this information, a message appears that everything is in order, and after a while you will find that money has disappeared from your account. This scheme is used not only to steal money: having access to the user’s account, the attackers can then reach their confidential information.

Spoofing

This is a type of phishing attack. In essence it works through DNS (or some other mechanism) so that a page with a known URL is replaced by the attacker’s page.

Trojan horse (Spyware)

A program that records all keystrokes and mouse actions on a terminal; it can also take screenshots and transfer this data to a remote host.

Trojan horse (Spyware)

This type of program is not necessarily harmful. Some software developers embed such programs into their products to track their customers’ preferences. Unfortunately, not all of them are harmless. Some spyware programs, true to their name, track the actions on the host machine (keystrokes, visited sites, confidential information, etc.) and transmit the results to their controller. A spyware infection can occur through e-mail, IM (Instant Messaging) or as a result of visiting a compromised website.

Attacks on Web servers

Legitimate web servers are hacked through the following types of attacks:
  • SQL injection
  • Malicious ads
  • Redirecting the results of a search server
  • Through virtual hosting companies
  • Through vulnerabilities in programs used on forums
  • Cross-site scripting

SQL injection

SQL injection is used to attack websites that work with databases. The possibility of injecting SQL code arises when SQL queries are built from unfiltered data entered by users.
Many modern websites use scripts and SQL queries to dynamically generate page content. These SQL queries often incorporate data entered by users, which creates a security risk: attackers can try to place malicious SQL code into the input data. Without proper security measures, that code is passed to the database server and executed as part of the query.
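The following is an added example, not code from the original article: it builds a small in-memory SQLite table with constructed sample rows and contrasts the query-building pattern the text warns about (user input concatenated into the SQL string) with a parameterised query, where the driver sends the value separately and it can never be parsed as SQL. The table, column names and the lookup functions are all assumptions made for this illustration.

```python
import sqlite3


def build_db():
    # Constructed sample data for the demonstration (not from the original page).
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, email TEXT)")
    conn.executemany(
        "INSERT INTO users (username, email) VALUES (?, ?)",
        [("alice", "alice@example.com"), ("bob", "bob@example.com")],
    )
    conn.commit()
    return conn


def find_user_unsafe(conn, username):
    # Unfiltered input is spliced straight into the query text, so quote characters
    # in the input change the structure of the statement the database sees.
    query = f"SELECT username, email FROM users WHERE username = '{username}'"
    return conn.execute(query).fetchall()


def find_user_safe(conn, username):
    # Parameterised query: the placeholder is bound to the value by the driver,
    # so the input is always treated as data, never as SQL.
    return conn.execute(
        "SELECT username, email FROM users WHERE username = ?", (username,)
    ).fetchall()


def demo():
    conn = build_db()
    # Constructed input containing a quote and an always-true condition.
    hostile = "x' OR '1'='1"
    return {
        "unsafe_normal": find_user_unsafe(conn, "alice"),
        "unsafe_hostile": find_user_unsafe(conn, hostile),  # returns every row
        "safe_hostile": find_user_safe(conn, hostile),      # returns no rows
    }


if __name__ == "__main__":
    for name, rows in demo().items():
        print(f"{name}: {rows}")
```

The unsafe lookup returns both constructed users for the hostile input, because the closing quote in the input ends the string literal and the rest becomes part of the WHERE clause; the parameterised lookup returns nothing, because no user is literally named `x' OR '1'='1`. Parameterised queries (or an ORM that generates them) are the standard fix; input filtering alone is secondary.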

Cross-Site Scripting (CSS)

This is one of the most widespread network attacks aimed at obtaining personal data using web technologies (it is sometimes called “HTML injection”). The attack is carried out by running JavaScript code in the victim’s browser. The result is that the attacker obtains some information from the victim’s machine (for example, cookies). The method does not cause immediate harm, but it may precede a more serious attack.

XSS (cross-site scripting)

This type of attack is aimed at websites that display user-entered data. Instead of trying to gain control over the database by entering malicious code, the attacker targets the code of the website itself, introducing malicious fragments into the pages it serves.
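The two sections above describe the same problem from the attacker’s and the website’s side: user-entered data echoed into a page is interpreted by the browser as HTML. The following added example (not from the original article) shows a page fragment that echoes a comment unescaped next to one that applies output encoding, plus a small check that a reviewer or test suite can use to confirm that nothing but the expected wrapper markup survives in the rendered output. The wrapper element and the comment text are constructed for the illustration.

```python
import html
import re


def render_comment_unsafe(comment):
    # Echoes user-entered data straight into the page: any markup in the
    # input becomes live HTML in the visitor's browser.
    return f'<p class="comment">{comment}</p>'


def render_comment_safe(comment):
    # Output encoding: the HTML-significant characters (<, >, &, quotes) are
    # replaced by entities, so the browser displays the text instead of parsing it.
    return f'<p class="comment">{html.escape(comment, quote=True)}</p>'


# The only tags the template itself is allowed to emit (constructed for this example).
WRAPPER_TAGS = {'<p class="comment">', "</p>"}


def contains_foreign_markup(fragment):
    # Review/test helper: does the rendered fragment contain any tag other than
    # the wrapper we emitted? Not a substitute for encoding, just a check on it.
    return any(tag not in WRAPPER_TAGS for tag in re.findall(r"<[^>]+>", fragment))


def demo():
    # Constructed comment containing a script element.
    hostile = "<script>alert('xss')</script>"
    return {
        "unsafe_leaks_script": contains_foreign_markup(render_comment_unsafe(hostile)),  # True
        "safe_is_inert": contains_foreign_markup(render_comment_safe(hostile)),          # False
        "safe_output": render_comment_safe(hostile),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Encoding must match the context the data lands in: `html.escape` is right for element content and quoted attribute values, but data placed inside a `<script>` block, a URL, or a CSS value needs the encoding rules of that context, and template engines that auto-escape by default remove most of the chances to forget it.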

Protection against Internet attacks

Server-Side Protection

  • Configuring access rights on the server
  • Configuring the HTTP server
  • Careful programming on the server side
  • Validating incoming HTTP requests
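As an added illustration of the last item (not code from the original article), the function below validates an incoming request URL against an allowlist: each expected query parameter has a pattern it must match, anything not in the allowlist is rejected, and an overall length limit is applied before parsing. The endpoint, parameter names, patterns and limit are assumptions chosen for the example; a real application would derive them from its own interface.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Allowlist for one hypothetical endpoint: parameter name -> pattern the value must match.
PARAM_RULES = {
    "id": re.compile(r"[1-9][0-9]{0,9}"),        # positive integer, at most 10 digits
    "sort": re.compile(r"name|date"),            # one of a fixed set of keywords
    "q": re.compile(r"[A-Za-z0-9 _-]{1,64}"),    # short search term, restricted alphabet
}
MAX_QUERY_LENGTH = 512  # constructed limit; reject oversized query strings before parsing


def validate_request(url):
    """Return a list of problems found in the URL's query string; an empty list means it passes."""
    problems = []
    parts = urlsplit(url)
    if len(parts.query) > MAX_QUERY_LENGTH:
        problems.append("query string too long")
        return problems
    params = parse_qs(parts.query, keep_blank_values=True)
    for name, values in params.items():
        rule = PARAM_RULES.get(name)
        if rule is None:
            # Unknown parameters are rejected rather than silently ignored.
            problems.append(f"unexpected parameter: {name}")
            continue
        for value in values:
            # fullmatch anchors the pattern to the whole value, so trailing junk is caught.
            if not rule.fullmatch(value):
                problems.append(f"invalid value for {name}")
    return problems


if __name__ == "__main__":
    for sample in ["/items?id=42&sort=name", "/items?id=42abc&debug=1", "/items?q=" + "a" * 600]:
        print(sample[:60], "->", validate_request(sample) or "ok")
```

Rejecting everything that is not explicitly expected is what makes this an allowlist; a blocklist of known-bad strings would have to anticipate every encoding and variant an attacker might use, which in practice it never does.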

Protection on the client

  • General anti-virus protection
  • WAF
  • Checking incoming HTTP traffic
  • Browser security settings
  • Reasonable methods for storing passwords and sensitive data
