CompTIA Security_ Deluxe Study Guide_ SY0-201 - Emmett Dulaney [82]
HTTP/S
HTTP Secure (HTTP/S) is a protocol that is used for secure connections between two systems that use the Web. It protects the connection, and all traffic between the two systems is encrypted. HTTP/S uses SSL or TLS for connection security, and it uses port 443 and TCP for connections.
Don’t confuse Secure HTTP (S-HTTP) with HTTP/S. S-HTTP is a different protocol that lets systems negotiate an encrypted connection between each other. S-HTTP can provide some of the capabilities of HTTP/S, but it isn’t as secure.
Vulnerabilities of Web Add-ins
The growth of the Web and demands from users for more features have spurred the creation of a new set of vulnerabilities that must be evaluated and managed. Increasingly, web browsers and other web-enabled technologies allow servers to send instructions to the client to provide multimedia and other capabilities. This is creating a problem for security professionals because these protocols offer potential weaknesses.
The following sections discuss the more common web-based applications, such as JavaScript and applets, and the vulnerabilities you should be aware of. These vulnerabilities can include malicious code, viruses, and exploitations.
ActiveX
ActiveX is a technology that was implemented by Microsoft to customize controls, icons, and other features, which increases the usability of web-enabled systems. ActiveX runs on the client. It uses a method called Authenticode for security. Authenticode is a type of certificate technology that allows ActiveX components to be validated by a server.
ActiveX components are downloaded to the client hard disk, potentially allowing additional security breaches. Web browsers can be configured so that they require confirmation to accept an ActiveX control. However, many users don’t understand these confirmation messages when they appear, and they automatically accept the components. Automatically accepting an ActiveX component or control creates the opportunity for security breaches on a client system when the control is used because an ActiveX control contains programming instructions that can contain malicious code or create vulnerabilities in a system.
It’s highly recommended that browsers be configured so that they do not allow ActiveX to run without prompting the user because of the potential security hole that could be opened.
Buffer Overflows
Buffer overflows occur when an application receives more data than it’s programmed to accept. This situation can cause an application to terminate or to write data beyond the end of the allocated space. Termination may leave the system sending the data with temporary access to privileged levels in the attacked system, while overwriting can cause important data to be lost. This exploitation is usually a result of a programming error in the development of the software.
Buffer overflows, while a less common source of exploitation than in the past, still crop up.
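The programming error described above, shown beside its fix. This is an added example, not code from the study guide; the `session` record, its field names, and the function names are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define NAME_CAP 16
/* Constructed record: a fixed buffer followed by data that must stay intact. */
struct session {
    char name[NAME_CAP];
    int  privileged;
};

/* The programming error: the copy trusts the sender's length. To keep the demo
 * well-defined, the write is capped at the struct's own size, so the overrun
 * lands in 'privileged' instead of unrelated memory. */
static void store_unchecked(struct session *s, const char *data, size_t len) {
    if (len > sizeof(*s)) len = sizeof(*s);   /* demo containment only */
    memcpy((unsigned char *)s, data, len);    /* no check against NAME_CAP */
}

/* The fix: reject input that does not fit, leaving room for the NUL. */
static int store_checked(struct session *s, const char *data, size_t len) {
    if (len >= sizeof(s->name)) return -1;
    memcpy(s->name, data, len);
    s->name[len] = '\0';
    return 0;
}

/* Returns 1 if oversized input changed the field next to the buffer. */
int unchecked_corrupts_neighbor(void) {
    struct session s = { "", 0 };
    char input[sizeof(struct session)];       /* constructed oversized input */
    memset(input, 'A', sizeof(input));
    store_unchecked(&s, input, sizeof(input));
    return s.privileged != 0;
}

/* Returns 1 if the same input is refused and the field is untouched. */
int checked_rejects_oversize(void) {
    struct session s = { "", 0 };
    char input[sizeof(struct session)];
    memset(input, 'A', sizeof(input));
    return store_checked(&s, input, sizeof(input)) == -1 && s.privileged == 0;
}

int main(void) {
    printf("%d %d\n", unchecked_corrupts_neighbor(), checked_rejects_oversize());
    return 0;
}
```

The checked version refuses oversized input rather than truncating it, so the caller learns the data did not fit instead of silently storing a shortened value.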
Common Gateway Interface
Common Gateway Interface (CGI) is an older form of scripting that was used extensively in early web systems. CGI scripts were used to capture data from a user using simple forms. They aren’t widely used in new systems and are being replaced by Java, ActiveX, and other technologies.
CGI scripts run on the web server and interact with the client browser. CGI is often frowned upon in new applications because of its security issues, but it’s still widely used in older systems. Vulnerabilities in CGI are the result of its inherent ability to do what it is told. If a CGI script is written to wreak havoc (or carries extra code added to it by a miscreant) and it is executed, your systems will suffer. The best protection against any weaknesses is to not run applications written in CGI but rather to opt for those written in the newer languages where possible.
Cookies
Cookies are text files that a browser maintains on the user’s hard disk in order to provide a persistent, customized web experience for each visit. A cookie typically contains information