Index_A
A
absolute URLs, 282
access
checks, 305
maintaining, 16
separation of, 108
access control
entry, 554, 577
URL authorization, 284
accounts
checklists, 730
data server configuration, 672
database servers, 515518
delegating, 445, 518
Enterprise Services, 665
lockout policies for end- user accounts, 81
management, 111
need for disabling, 82
shared, 445, 518
vulnerabilities, 428
Web server configuration, 647648
Web servers, 428, 442
ACLs
ASP.NET application and Web services, 554, 577578
checklists, 703704
configuring for network service, 593594
on Machine.config, 554
act as part of the operating system, 559
administration
checklists, 707
interfaces, 86, 412
removing shares, 673
separation of privileges, 87
solutions, xviiixxi
administrative access, 412
administrative shares, 448, 521, 673
administrator accounts
database servers, 516
Web servers, 443
administrators
account to interactive logins, 518
checklists, 711
group membership, 518
need to log on interactively, 445
separating privileges, 115
ADO.NET
code access security permissions required by data providers, 396
exceptions, code review, 641
trapping and logging exceptions, 389
Afd.sys protections , 760761
alerts and notifications, 684
Web sites, 684
algorithms
importance of using correctly, 92, 119
listed, 92
AllowPartiallyTrustedCallersAttribute. See APTCA
alternate credentials, 356357
anonymous access
preventing, 666
serviced components , 636
anonymous account impersonation, 595597
anonymous authentication, turning off in IIS, 355
anonymous Internet user accounts, 653
anonymous Internet user identities, 109
anonymous logons
database servers, 517
Web servers, 445
anonymous Web accounts
impersonating, 579
Web servers, 443
anonymous Web user accounts, 648
APIs
calling potentially dangerous, 629
dangerous, 169
unmanaged, 169, 615
$AppDirUrl$, 230
application isolation
anonymous identities, 286
ASP.NET trust levels, 225226, 239
and code access security, 222
features for Windows 2000 and Windows Server 2003, 589590, 600
application servers
firewall considerations, 482486
how to secure, lxix
methodology, 480
overview, 475476
threats and countermeasures, 477
application level
authentication, 335
error handlers, 294
error handling in Global.asax, 341
events, 294
ApplicationAccessControl attribute
component level access checks, 305
to prevent anonymous access, 636
role-based security, 304
Application_Error
event handler, 341
to trap application level events, 294
application.NET framework version 1.1, 280
applications
activation types, 303
architecture diagram, 51
assemblies, 498
authorizing, 113
bin directory checklist, 703704
configuration settings in Machine.config, 552
constraining file I/O, 165, 205206
customizing policy for, 235
data, 370371
decomposing , 52
design guidelines for, 97100
directories, 183
DLLs, 498, 665
event sources, 295296
filters, 414
how to manage configurations securely, lxx
identifying purpose of, 50
identifying threats, 5859
information, 162
isolating, 222
isolating by identity, 594599
isolating with application pools, 599600
isolating with code access security, 600
pools, 599600
restricting in the database, 383
review, 101
securing, lxxvilxxvii
threats and countermeasures, 2324
tiers, 95
unused, 520
vulnerability categories, lxxvilxxvii, 910
AppSettings, 547
<appSettings> element
accessing cipher text from, 385
ASP.NET application and Web services, 547
APTCA, 152, 169
avoiding, 191
and code access security, 191192
diagnosing, 192
list of system assemblies with, 231232
and .NET framework, 140
and partial trust callers , 152
in partial trust Web applications, 231, 234
sandboxing , 238239, 245
strong names , 155156
arbitrary code execution
described, 23
Web servers, 425
architecture
of applications, 100
checklists, 689694
creating, 99100
deployment, 101
diagram, 49
for security, 99100
solutions, lxiii
array bounds, 169
ASP.NET
application and Web services, 545
application isolation, 239
architecture on Windows 2000, 591592
architecture on Windows server 2003, 592594
auditing and logging, 295296
and Authenticode, 155
building applications, lix
checklists, 695704
code access security with, 221224
common threats to Web pages and controls, 255
configuration files, 548
configuring for Windows authentication, 355
data access configuration to
applications, 579580
default policy permissions and trust levels, 233
errors on Web servers, 464
exception management, 293294
FileAuthorizationModule, 350
full trust and partial trust, 224225
generic error page, 392393
hosting remoted objects, 355
hosting with the HttpChannel, 669
how to host multiple applications, lxix
how to use code access security with, lxv
least privileged domain account, 579
major elements of policy file, 228229
medium trust, 239243
named permission set, 229230
pages and controls, 630634
parameter manipulation, 290293
policy files, 227229
process accounts NTFS permissions, 578
process accounts to access a remote database, 578
process identity, 556558
process model, 545
reduced attack surface, 239
resource access, 223224
resource access identity, 262
sandboxing, 244247
security for HttpChannel, 352
session state service, 646
state service, 440
strong names, 158
substitution parameters, 230
trust levels, 232234, 555556
Web services, 248249
ASP.NET application and Web services
ASP.NET process model, 545
authorization, 563565
debugging, 571
event log, 576577
exception management, 572
file access, 577578
and impersonation, 286
machine keys, 570571
Machine.config, 548555
methodology, 544545
overview, 543544
session state, 565569
snapshot of secure application, 585587
tracing, 571572
UNC shares, 581582
view state, 569
Web services, 573575
Web.config, 548555
AspNetHostingPermission, 230
Aspnet_setreg.exe, 546
assemblies
attributes, 155
authorization, 160
described, 145
design considerations, 150
dynamically loading, 619
event logging, 165166
file I/O, 825826
granting full trust to, 817
resource access code, 263
shared, 230
strong names, 155
unmanaged code, 168169
Web controls and user controls in, 263
assembly attribute, 155
assembly implementation, 310
assembly types, 230
assembly level
checklists, 735
metadata, 636
threats, 146
assert calls, code access security, 624625
assert duration, 204
reducing, 204
assert methods , 185, 203, 622
code access security, 185
assets
described, 13, 45
identification of, 49
associated permissions
and privileged operations, 194
and secure resources, 193
asymmetric encryption using X.509 certificates, 337338
attack patterns
creating, 61
described, 59
attack trees
creating, 6061
described, 59
attacker reveals implementation details, 41
attacks
anatomy of, 1416
on assemblies, 147
described, 5, 13, 46
identity spoofing, 257
information disclosure, 260
methodology, 15
network eavesdropping, 259
network security, 406407
parameter manipulation, 258
session hijacking, 257
and vulnerabilities, 423
attributes
assembly attribute, 155
class attribute, 624
connect attribute, 212
declarative security attribute, 624
examples of potentially dangerous, 610611
member level attribute, 524
audit logs, 469
database servers, 537
audit user transactions, 308309
auditing
applications, 123
ASP.NET, 295296
checklists, 694, 699, 707, 710, 715, 726, 732
data server configuration, 675
database servers, 525526
as element of security, 5
failed actions, 452
logon failures, 525
network security, 413
remoted objects, 365
requirements, 303
secure Web services, 341
serviced components, 308309
SQL Server, 528
for suspicious behavior, 42
vulnerabilities, 429
Web applications, 9596
Web server configuration, 651652, 654
Web servers, 429, 451452
auditing threats, 4142
authenticated connections
controlling, 358
sharing to increase performance, 357
authentication
aspects of, 80
ASP.NET application and Web services, 560563
callers, 109
checklists, 690691, 697698, 706, 709, 714, 717
configuring Windows only, 528
cryptography, 91
data access, 379
databases, 109110
described, 29, 80
disabling, 666667
as element of security, 4
Enterprise Services, 666
IPSec for filtering, 777786
levels, 494
NTLMv2, 518
remoted objects, 355358
requirements, 325
secure Web services, 332335
for sensitive pages, 289
server-to-server, 784785
serviced components, 304
and session tokens, 290
solutions, 325
tickets, 262
tokens and session management, 289290
type, 134
vulnerabilities, 107108
Web pages and controls, 277278
Web server configuration, 654
authentication = AuthenticationOption.Privacy, 307308
authentication cookie-to-HTTPS connections, 280
authentication cookies, 282
limiting lifetime of, 659
persisting , 281
protecting, 90
securing, 280
stolen, 82
<authentication> element
ASP.NET application and Web services, 560
Web server configuration, 658659
Authenticode
and ASP.NET, 155
and strong names, 159160
authorization
of applications, 113
ASP.NET application and Web services, 563565
checklists, 691, 697, 706, 709710, 714, 718
code review, 634
and COM+ roles, 304
data access, 381382
described, 83
as element of security, 4
of end users, 112
Enterprise Services, 667
granularity in ASP.NET, 263
granularity models, 8385
remoted objects, 359360
secure Web services, 335336
serviced components, 304
types used in assemblies, 160
vulnerabilities, 111112
vulnerabilities described, 31
Web applications, 83
Web site partitioning, 284286
authorization decisions
explicit role checks, 285
with imperative principal permission demands, 285
<authorization> element
for authentication, 279
authorization granularity, 263
for configuring role-based security, 138139
for page level and directory level access control, 284
partitioning Web sites, 261
Web server configuration, 660
automatic updates for developer workstations, 769770
availability as an element of security, 5
Improving Web Application Security: Threats and Countermeasures
ISBN: 0735618429
EAN: 2147483647
EAN: 2147483647
Year: 2003
Pages: 613
Pages: 613
Authors: Microsoft Corporation