multitasking.* They perform a variety of tasks such as redirecting users to malicious sites, stealing credentials, and even installing fake antivirus software on the infected machines, in addition to disabling the antivirus protection on each of the affected systems.
One of the earliest worms in the Web application space was the Code Red worm, which was observed on the Internet in July 2001. The worm exploited a buffer overflow condition in Microsoft's IIS Web Server, using the overflow to execute arbitrary code and infect the machine. Web sites that were defaced by the Code Red worm displayed "HELLO! Welcome to http://www.worm.com! Hacked By Chinese!" It was reported that the worm infected over 360,000 hosts. The estimated cost incurred by organizations all over the world to recover from the Code Red worm was a whopping $2.6 billion.
The SQL Slammer worm was another debilitating worm. It was first seen in the wild in January 2003. The SQL Slammer worm caused denial-of-service conditions and infected almost 75,000 systems in the first 10 minutes after its release. Like the Code Red worm, Slammer exploited a buffer overflow condition in Microsoft's SQL Server. The worm caused a dramatic slowdown in Internet speeds as the infected systems bombarded routers all over the Internet with more traffic than they could handle, crashing many of these devices. Although the worm was just 376 bytes in size, the damage it caused across the Internet was tremendous. Web application worms have grown more capable over the years; later worms such as the Gumblar worm and the Nine Ball worm have multitasking capabilities that allow them to redirect users to certain Web sites, download malware onto the user's system, and disable the antivirus application on the system. The Gumblar worm, for instance, infected Web pages by appending malicious, obfuscated JavaScript to them; this JavaScript was used to redirect visitors to malicious sites.
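The appended-script technique described above is something a site operator can check for. The scanner below is an added example written for this page, not code from the book or from any worm analysis: it walks the `<script>` blocks of an HTML page, scores generic obfuscation indicators (`eval`, `unescape`, `String.fromCharCode`, `document.write`, long runs of percent- or hex-encoded bytes) and treats any script that sits after the closing `</html>` tag as a strong sign of content appended by a tool that never parsed the page. The indicator list, the scoring weights and the two sample pages are all assumptions constructed for the example, not signatures of Gumblar or of any other specific worm.

```python
"""Heuristic scan of HTML pages for injected, obfuscated <script> blocks.

Hypothetical example: the indicators below are generic obfuscation
heuristics, not the signature of any particular worm.
"""
import re

SCRIPT_RE = re.compile(r"<script\b[^>]*>(.*?)</script>", re.IGNORECASE | re.DOTALL)

# Each indicator scores 1 point; a script placed after </html> scores 2 because
# nothing legitimate belongs there. Blocks scoring >= FLAG_THRESHOLD are reported.
INDICATORS = {
    "eval": re.compile(r"\beval\s*\("),
    "unescape": re.compile(r"\bunescape\s*\("),
    "fromCharCode": re.compile(r"String\.fromCharCode"),
    "document.write": re.compile(r"document\.write\s*\("),
    # eight or more consecutive %XX or \xXX escapes: a payload hiding its text
    "encoded_run": re.compile(r"(?:%[0-9a-fA-F]{2}|\\x[0-9a-fA-F]{2}){8,}"),
}
FLAG_THRESHOLD = 2


def scan_page(html):
    """Return one finding per suspicious <script> block, in document order."""
    end_html = html.lower().rfind("</html>")
    findings = []
    for match in SCRIPT_RE.finditer(html):
        body = match.group(1)
        reasons = [name for name, pat in INDICATORS.items() if pat.search(body)]
        score = len(reasons)
        if end_html != -1 and match.start() > end_html:
            reasons.append("after_closing_html")
            score += 2
        if score >= FLAG_THRESHOLD:
            findings.append({
                "offset": match.start(),
                "score": score,
                "reasons": reasons,
                "snippet": body.strip()[:60],
            })
    return findings


# Constructed sample pages (not real captures).
CLEAN_PAGE = """<html><head><title>Shop</title>
<script>document.getElementById('cart').textContent = '0 items';</script>
</head><body><p>Welcome</p></body></html>
"""

# Same page with one script injected before </body> and one appended after </html>.
INFECTED_PAGE = """<html><head><title>Shop</title>
<script>document.getElementById('cart').textContent = '0 items';</script>
</head><body><p>Welcome</p>
<script>document.write(String.fromCharCode(60,105,102,114,97,109,101,62));</script>
</body></html>
<script>eval(unescape('%77%69%6e%64%6f%77%2e%6c%6f%63%61%74%69%6f%6e%3d%22%68%22'));</script>
"""

if __name__ == "__main__":
    for name, page in (("clean", CLEAN_PAGE), ("infected", INFECTED_PAGE)):
        for f in scan_page(page):
            print(name, f["offset"], f["score"], ",".join(f["reasons"]), f["snippet"])
```

Run on the clean page the scanner reports nothing; on the infected page it reports two blocks, the second with the `after_closing_html` reason. In practice such a check is most useful when run against a known-good copy of the site or as a periodic integrity check, since a legitimate page can contain `document.write` and a determined attacker can avoid the obvious indicators.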
These attacks have been increasing by the day. Banking Web sites, email Web sites, social networking sites, and personal storage Web sites have all been found to be vulnerable to several Web application attacks, giving attackers access to extremely sensitive information. It is horrifying to note that attackers may be able to access your bank account, steal your credit card number from an e-commerce site, or steal your identity by breaking into a site that stores such information.
3.4 Web Application Security—the Challenges
The challenges in securing Web applications are multifold. Because the Web is a relatively recent phenomenon, it is not surprising that its security issues have only recently begun to gain notoriety. Let us explore some of the challenges we face while securing Web applications:
Client-side control and trust
Pangs of the creator
Flawed application life cycle
Awareness
* Web application worms such as the Gumblar worm wreaked a great deal of havoc with a multipronged attack against Web applications and user PCs all over the world. The Gumblar worm used stolen FTP passwords for several Web sites to attach malicious JavaScript to their Web pages; upon accessing the infected Web pages, users would be redirected to a malicious Web site, where malware would be downloaded onto the user's system. The Gumblar worm is also reported to disable antivirus applications on the user's PC and install its own bogus antivirus application.