How would you protect information systems from these attacks?

Take a look at the following attack on a Web Server using obstructed URL:

http://www.example.com/script.ext?template%2e%2e%2e%2e%2e%2f%2e%2f%65%74%63%2f %70%61%73%73%77%64

The request is made up of:

– %2e%2e%2f%2e%2e%2f%2e%2f% = ../../../
– %65%74%63 = etc
– %2f = /
– %70%61%73%73%77%64 = passwd

How would you protect information systems from these attacks?

Take a look at the following attack on a Web Server using obstructed URL:

http://www.example.com/script.ext?template%2e%2e%2e%2e%2e%2f%2e%2f%65%74%63%2f %70%61%73%73%77%64

The request is made up of:

– %2e%2e%2f%2e%2e%2f%2e%2f% = ../../../
– %65%74%63 = etc
– %2f = /
– %70%61%73%73%77%64 = passwd

How would you protect information systems from these attacks?

A.
Configure Web Server to deny requests involving Unicode characters.

B.
Create rules in IDS to alert on strange Unicode requests.

C.
Use SSL authentication on Web Servers.

D.
Enable Active Scripts Detection at the firewall and routers.

Explanation:
This is a typical Unicode attack. By configuring your IDS to trigger on strange Unicode requests you can protect your web-server from this type of attacks.



Leave a Reply 0

Your email address will not be published. Required fields are marked *