Computer Performance, Windows Server 2003

The Importance of Web Application Scanning

Introduction to The Importance of Web Application Scanning

Web servers are vulnerable because hackers have all the time in the world to try their nefarious techniques to gain unauthorized entry.  The best solution to prevent your website from being attacked is Web application scanning.

The Importance of Web Application Scanning

Extract from a white paper – November '05

Web applications are proving to be the weakest link in overall corporate security.  Organizations need a Web application scanning solution that can scan for security loopholes in Web-based applications to prevent would-be hackers from gaining unauthorized access to corporate applications and data. 

High-Profile Web Application Hack

Hackers are exploiting security loopholes in Web applications.  According to a survey by the Gartner Group, 75% of all Internet assaults are targeted at Web applications.

A famous Web application attack was carried out by a 17-year-old Norwegian boy. While making online transactions with his bank, he noticed that the URLs of the pages displayed his account number as one of the parameters. He then substituted random account numbers.  Soon he was able to access other customers’ accounts.  He was in a position to transfer funds from these hacked accounts to his own account.

The Solution: A Web Application Scanner

Clearly, Web applications are the biggest Achilles heel in an organization’s security strategy. They are much more difficult to protect than traditional applications that reside behind a firewall.  Web application security needs to be stringently checked using an automated Web application security scanner.

A Web application scanner is an automated security program that searches for software vulnerabilities within Web applications. A Web application scanner first crawls the entire website, analyzing in-depth each file it finds, and displaying the entire website structure. After this discovery stage, it performs an automatic audit for common security vulnerabilities by launching a series of Web attacks. Web application scanners check for vulnerabilities on the Web server, proxy server, Web application server and even on other Web services.

What a Web Application Scanner Should Do for You

  1. Analyze different Web technologies, such as PHP, ASP.NET, ASP, etc.
  2. Produce readable and actionable results.
  3. Scale: the scan must be fast enough to process large websites.

See more here: Acunetix Web Attacks Info page

Technical Details of Web Site Attacks

SQL injection:
The hacker transmits SQL query commands, via the Web application, to the database residing on your server. The hacker does this by entering SQL commands in form fields on the webpage. Thus, the hacker is able to run SQL queries and commands against the database on your web server.

Directory Traversal Attacks:
This attack is also called the ../ (dot dot slash) attack. Hackers manipulate the Web application to access files that are normally off-limits to them. The attack works by changing the parameter that an application would use to access a certain file. For instance, suppose the value of the parameter includes the path of a particular file. Placing ../ at the beginning of the parameter value forces the application to access the file in the parent directory.

Parameter Manipulation:
This involves manipulating data transmitted between the browser and the Web application.  Specific example: cookie manipulation. Cookies maintain a certain state in HTTP by storing user preferences and information related to session maintenance. All cookies can be changed at the client end and then sent to the server with URL requests. Thus, a hacker can easily manipulate the data residing within a cookie.
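The SQL injection and directory traversal attacks above, seen from the defender's side: an added Python example (not code from the white paper or from Acunetix) that confines a user-supplied file name to a base directory and contrasts a concatenated SQL query with a bound-parameter one. The account table and the /srv/www base directory are constructed sample data.

```python
"""Defensive counterparts to ../ traversal and SQL injection (added example)."""
import sqlite3
from pathlib import Path
from typing import List, Optional


def safe_join(base_dir: str, requested: str) -> Optional[Path]:
    """Resolve a user-supplied file name under base_dir.

    Returns the resolved path only if it stays inside base_dir; returns None
    for anything that escapes (../ sequences, absolute paths, symlinks out).
    """
    base = Path(base_dir).resolve()
    # lstrip so an absolute path cannot replace base_dir outright
    candidate = (base / requested.lstrip("/\\")).resolve()
    # is_relative_to compares whole path components, so a sibling directory
    # such as /srv/www-data does not pass as being inside /srv/www
    return candidate if candidate.is_relative_to(base) else None


def build_demo_db() -> sqlite3.Connection:
    """Constructed sample data standing in for a bank's account table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE accounts (account_no TEXT, owner TEXT)")
    conn.executemany("INSERT INTO accounts VALUES (?, ?)",
                     [("1001", "alice"), ("1002", "bob")])
    return conn


def lookup_owner_vulnerable(conn: sqlite3.Connection, account_no: str) -> List[str]:
    """String concatenation: the form field becomes part of the SQL text,
    which is exactly what the scanner's SQL injection checks look for."""
    sql = "SELECT owner FROM accounts WHERE account_no = '" + account_no + "'"
    return [row[0] for row in conn.execute(sql)]


def lookup_owner_safe(conn: sqlite3.Connection, account_no: str) -> List[str]:
    """Bound parameter: the form field is always treated as a string value,
    never as SQL, so no input can change the shape of the query."""
    sql = "SELECT owner FROM accounts WHERE account_no = ?"
    return [row[0] for row in conn.execute(sql, (account_no,))]
```

Running a scanner against the vulnerable variant would flag the form field; the safe variant and the contained path lookup are what the audit report should find instead.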

Acunetix Web Vulnerability Scanner

Provides protection from the following attacks:

  • CRLF injection attacks
  • Code execution attacks
  • Directory traversal attacks
  • File inclusion attacks
  • Input validation attacks
  • Authentication attacks

It also creates professional security audit reports.


Resources for More Information

For more information on Web application security and related documentation, visit: Acunetix Web Attacks Info page

Summary: Securing Web Applications Is Imperative

Attacks on Web applications are increasing. According to a report from the Computer Emergency Response Team (CERT), the number of successful Web application attacks is on the rise, from around 60% in 2002 to 80% in 2003. If Web application breaches continue to grow at this rate, customers’ confidence in online commerce will further diminish. As observed by Gartner, rampant attacks on Web applications make customers wary of making online purchases for fear of credit card tampering and leakage of credit information.

The only way to combat the Web application security threat is to proactively scan websites and Web applications for vulnerabilities and then fix them. Implementing a Web application scanning solution must be a crucial part of any organization’s overall strategy.



Copyright © 1999-2009 Computer Performance LTD. All rights reserved.