This section describes types of attacks and some strategies for defending against them.
There are several ways in which data can be tampered with, compromised, and stolen. In addition, systems can be overwhelmed with traffic to the point that they are rendered useless.
Integrity attacks
Data integrity is a measure of the quality of the information stored and transmitted on a system.
Types of attacks on data integrity include deleting or modifying files or information on the file system or over a network.
Spoofing
IP spoofing occurs when an intruder attempts to deceive the target system into accepting packets that appear to the target as coming from someone other than the intruder. If the target system already has an authenticated TCP session with another system and mistakenly accepts spoofed IP packets, the intruder can access sensitive information and lead the target to execute commands in that packet, as though they came from the authenticated connection.
Availability attacks
Availability attacks occur when a resource such as a Web site or HTTP port becomes unavailable due to a high volume of traffic. Someone can use a program to generate thousands of simultaneous requests aimed at the same site, which is then unable to respond to legitimate requests.
Capture-and-replay
Capture-and-replay refers to an intruder capturing data as it moves from one system to another. User names, passwords, authentication information, and so on, can be tampered with or used by the intruder to gain access to protected resources.
Intruders use a variety of methods and tools to gain access to system resources. Some of these attacks are undetected, while others destroy or alter information. Following are a few examples of how an intruder gains access to system resources:
A brute force attack involves trying many combinations until the right key or password is found. Although it may seem like an expensive operation, both in time and resources, tools are available that can speed up the process.
A trojan horse attack occurs when an intruder secretly inserts a program or file, such as a virus, that either steals or destroys information. Another simple example would be for someone to place a bogus program on your system that prompts for a user name and password. The program simply logs the user name and password information. The intruder accesses this information and can then use your user name and password to access resources to which you are permitted.
A person-in-the-middle attack intercepts communication between two parties without their knowledge. The two parties continue to communicate, unaware that a third party has access to the same information.
This section discusses some of the methods by which you can protect data and restrict access to resources.
Protecting ports and listeners
You can provide various levels of security to EAServer listeners by assigning security profiles to HTTPS and IIOPS listeners. See Chapter 13, “Security Configuration Tasks” for more information.
Protecting application server resources and securing clients
EAServer provides several methods to protect server resources and secure client/server connections:
Set authentication and authorization levels using EAServer Manager. See Chapter 3, “Using Web Application Security.”
Create custom authentication and authorization components. See Chapter 10, “Creating and Using Custom Security Components.”
Use the Java authentication and authorization service (JAAS). See Chapter 11, “Using the JAAS API.”
Use SSL to protect your Java, C++, and ActiveX clients. See Chapter 5, “Using SSL in Java Clients,” Chapter 6, “Using SSL in C++ Clients,” and Chapter 8, “Using SSL in ActiveX Clients.”
Establish minimum levels of protection for components, packages, and methods using quality of protection (QOP). See Chapter 2, “Securing Component Access.”
Propagate client principal information from one server to another and use run-as support so an EJB can perform method invocations on other EJBs using a different identity. See Chapter 2, “Securing Component Access.”
Protecting data
Use public-key certificates when exchanging sensitive data over a network to protect it from being viewed by intruders. See Chapter 14, “Managing Keys and Certificates” for more information.
Copyright © 2005. Sybase Inc. All rights reserved.