homepage Welcome to WebmasterWorld Guest from 23.22.194.120
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Visit PubCon.com
Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
Forum Library, Charter, Moderators: coopster & jatar k

PHP Server Side Scripting Forum

    
PHP and web dev security
Overview of security for web dev
Steerpike




msg:3455443
 11:28 pm on Sep 19, 2007 (gmt 0)

Risks, Weaknesses & Attacks

Our tech team recently had a bit of a security review, not much more than a lunchtime sit-in over a few days to try and indentify the main security issues to be aware of in web development. We're looking to implement a security checklist for projects - mostly to keep the tech team on their toes during development and to keep security issues at the forefront when they tend to fall by the wayside sometimes.
I thought the list we brainstormed might be an interesting starting place for further discussion here and might help others become aware of certain things they might have overlooked or not been aware of.

Development

  1. Implicit trust of tainted data
    • especially when used for commands/queries/includes/files/remote
    • Trusing the scope of data, not just the content
    • Be careful with eval()
    • [PHP] Be careful when using register_globals = ON

  2. Web folder permissions, .. traversal
  3. Caching of sensitive information
  4. Buffer overruns [bounds checking]
  5. Code injection – SQL, Javascript, File uploads
  6. Upload weaknessess – cookie poisoning
    • E.g. the myspace session hickaing cookie data ad posting code into other epoples pages

  7. Password Attacks – Dictionary, Brute force, Defaults
  8. Admin addresses – user management
  9. Protection of all sensitive pages, not just the gateway
  10. Remote code execution (e.g. php includes, JS ad-code)
  11. Common developer mistakes
  12. AJAX buggery (tween page exploits, API attacks)
  13. Cookie poisoning
  14. XSS
  15. Debug
  16. Error pages
  17. Email form hijacking, list theft
  18. Internal application warfare – ie. Users targetting each other.

Hardware / Hostring

  • Port Scans / firewall / VPNs
  • Web server and application lockdown/hardening (removal of demos)
  • Shared Hosting
  • Patching
  • Spam –relaying, list theft
  • Default config – server, hardware, devices

Awarenewss / Management / Policies
  • Security bootstrapping
  • Paswords – defaults/weak
  • Known Bug exploits – 3rd Party, Known virii/trojans etc targetting our apps/devices
  • 3rd Party Libraries (exploits, bug, and known locations)
  • Phishing (domain theft/spoofing)

Feel free to add to the list or to ask for expansion of a particular topic or area: someone with far greater security credentials than myself will hopefully drop their thoughts in :)

Steerpike

 

eelixduppy




msg:3455984
 2:35 pm on Sep 20, 2007 (gmt 0)

That's a good start for you there. Here's some links to get your a little further in implementing those mentioned above:
php: [us3.php.net...]
Apache: [httpd.apache.org...]
mysql: [dev.mysql.com...]

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved