Input Validation Attacks:
It is one of the very 'easy to implement' attacks. It inserts malicious scripts into an application, and when that application runs, the system can be attacked and becomes vulnerable. It is even harder to defend against than passive attacks.
The following are some of the best countermeasures against input validation attacks:
The application should be tested, from a security perspective, against every situation it may encounter in the future.
Programmers are supposed to understand the importance of paying attention to security aspects while they develop the application.
Adopting a protective approach is best in practice. It is a more effective, cheaper, easier and faster way to look for and remove any loopholes in input validation during the stages of development.
Keeping your program very simple helps you to test it against loopholes and input validation vulnerabilities.
Restricted user and file access should be implemented in all kinds of application environments.
There should be proper separation between trusted and untrusted data. Trusted data should never be allowed to spill over into untrusted memory spaces.
Keep in mind that no application should be allowed to access other trusted applications.
Most common buffer overflow attacks can be avoided by applying the above measures. Buffer overflows are one of the lethal weapons for hackers and a widely used type of net attack.
If you strip out special characters such as quotation marks, slashes, semicolons and backslashes from user input, URL parameters and cookies, it will make it harder for an attacker to carry out such an attack, and also SQL injection attacks.
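The filtering described in the last point, as an added example that is not part of the original post: it strips the characters the post names from a form field, from URL parameters and from cookies. The function names and the sample URL and Cookie header are constructed for illustration.

```python
from http.cookies import SimpleCookie
from urllib.parse import parse_qsl, urlsplit

# Characters named in the post: quotation marks, slash, semicolon, backslash.
BLOCKED = str.maketrans("", "", "'\"/;\\")

# Constructed sample inputs (not taken from any real application).
SAMPLE_URL = "https://shop.example/item?id=42%27%3B--&name=O%27Brien"
SAMPLE_COOKIE = "session=abc123; theme=dark'/admin"


def strip_special(value: str) -> str:
    """Remove the blocked characters from one untrusted string."""
    return value.translate(BLOCKED)


def clean_url_params(url: str) -> dict:
    """Strip URL parameters after percent-decoding.

    Decoding first matters: a filter applied to the raw query string
    would see '%27' and let the encoded quotation mark through.
    """
    query = urlsplit(url).query
    pairs = parse_qsl(query, keep_blank_values=True)
    return {strip_special(k): strip_special(v) for k, v in pairs}


def clean_cookies(header: str) -> dict:
    """Parse a Cookie header and strip every cookie name and value."""
    jar = SimpleCookie()
    jar.load(header)
    return {strip_special(n): strip_special(m.value) for n, m in jar.items()}


if __name__ == "__main__":
    print(strip_special("O'Brien; \"x\" /etc\\passwd"))
    print(clean_url_params(SAMPLE_URL))
    print(clean_cookies(SAMPLE_COOKIE))
```

The same filter that removes the quotation mark and semicolon from the `id` parameter also turns the legitimate name `O'Brien` into `OBrien`, so the character list has to be chosen per field.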