Take a look at the following attack on a Web Server using obstructed URL:
http://www.example.com/script.ext?template%2e%2e%2e%2e%2e%2f%2e%2f%65%74%63%2f %70%61%73%73%77%64
The request is made up of:
– %2e%2e%2f%2e%2e%2f%2e%2f% = ../../../
– %65%74%63 = etc
– %2f = /
– %70%61%73%73%77%64 = passwd
How would you protect information systems from these attacks?
A.
Configure Web Server to deny requests involving Unicode characters.
B.
Create rules in IDS to alert on strange Unicode requests.
C.
Use SSL authentication on Web Servers.
D.
Enable Active Scripts Detection at the firewall and routers.
Explanation:
This is a typical Unicode attack. By configuring your IDS to trigger on strange Unicode requests you can protect your web-server from this type of attacks.