Finding and Ranking Entry Points

Chapter 2, Using Threat Models for Security Testing, discusses how threat models and data flow diagrams (DFDs) can be useful to find security threats in an application. These documents can give you a good understanding of how the software works and how the data flows through it. But what happens when no threat model or DFD is available? Use the techniques discussed in this chapter to help find the entry points. Even when your application has threat models or DFDs, assume that they might not indicate all of the entry points or that this information is incorrect, out of date, or incomplete.

Generally, attackers won't have the threat model and DFD resources available, so they will use other resources and techniques (some of which are covered in this chapter) to help decompose your product and find the entry points. If you rely only on the accuracy of the threat model and DFD, you will definitely miss an entry point that an attacker will find.

Important  

Even when threat models or DFDs are available for your application, do not assume they indicate all of the entry points that can be attacked.

Assessing the Risk of Entry Points

No matter the type of application you are testing, you should rank the entry points that can be considered the key targets and focus your testing on them first. To assess the risk of an entry point, answer the following questions about it:

  • Who can access the entry point?

  • What input does the entry point accept?

  • How can the entry point be accessed?

In a house, for instance, a chimney is an entry point. Anyone can gain access to the chimney. But if the chimney is small enough, no one would be able to fit in it. Also, to get to the chimney an attacker must have access to the roof, which might be protected. As such, the chimney would be given a lower rank than some of the other entry points because it is harder to exploit from an attacker's perspective. In general, the lower the access level or permission needed to access an entry point, the higher the risk. Chapter 13, Finding Weak Permissions, discusses different access levels in detail.
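The three questions above can be turned into a repeatable ranking of an entry-point inventory. The following is an added example, not code from the book: the weights, the categories (who/what/how), the "guarded" flag standing in for the protected roof, and the sample entry points are all constructed assumptions, so adjust them to your own application.

```python
# Added example (not from the book): rank an entry-point inventory using the
# chapter's three questions. Weights and sample data are constructed assumptions.
from dataclasses import dataclass

# Who can access it? Lower privilege required means higher risk.
ACCESS_RISK = {"anonymous": 3, "authenticated": 2, "administrator": 1}
# What input does it accept? Free-form attacker-controlled data is riskier
# than bounded or fixed-format input; "none" means no data crosses the boundary.
INPUT_RISK = {"none": 0, "bounded": 1, "free-form": 3}
# How can it be reached? Remotely reachable beats local beats physical access.
REACH_RISK = {"remote": 3, "local": 2, "physical": 1}


@dataclass(frozen=True)
class EntryPoint:
    name: str
    who: str               # key of ACCESS_RISK
    what: str              # key of INPUT_RISK
    how: str               # key of REACH_RISK
    guarded: bool = False  # extra protection on the path (the "roof" in the analogy)


def risk_score(ep: EntryPoint) -> int:
    """Combine the three answers into one rank value; higher means test it first."""
    for table, key in ((ACCESS_RISK, ep.who), (INPUT_RISK, ep.what), (REACH_RISK, ep.how)):
        if key not in table:
            raise ValueError(f"{ep.name}: unknown category {key!r}")
    # Access level and input kind dominate the rank; reachability breaks ties.
    score = ACCESS_RISK[ep.who] * 2 + INPUT_RISK[ep.what] * 2 + REACH_RISK[ep.how]
    if ep.guarded:
        score -= 2  # a protected path lowers the rank, as with the chimney
    return max(score, 0)


def rank_entry_points(eps):
    """Return entry points from highest to lowest risk; ties sort by name."""
    return sorted(eps, key=lambda ep: (-risk_score(ep), ep.name))


# Constructed sample inventory for a hypothetical service, plus the chimney.
SAMPLE = [
    EntryPoint("admin console", "administrator", "free-form", "remote"),
    EntryPoint("public upload API", "anonymous", "free-form", "remote"),
    EntryPoint("local config file", "authenticated", "bounded", "local"),
    EntryPoint("chimney (house analogy)", "anonymous", "none", "physical", guarded=True),
]

if __name__ == "__main__":
    for ep in rank_entry_points(SAMPLE):
        print(f"{risk_score(ep):2d}  {ep.name}")
```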



Hunting Security Bugs
ISBN: 073562187X
Year: 2004
Pages: 156
