Web Application Break-In

This article can also be found in the Premium Editorial Download "Information Security magazine: Special manager's guide: Monitoring identities."

Fingerprinting
Before hackers can launch a successful attack against a Web application, they need to gather as much information as possible about the application and the infrastructure on which it resides.

Identifying the applications running on a remote Web server is known as fingerprinting. One of the simplest ways is to send a request to the server and review the information sent in the response banner, which generally contains the exact version of the Web server software running on the server. This information leakage can be addressed by configuring the server not to display the banner at all, or by changing it to make the server look like something else. There are a number of tools that help fake the banner, such as URLScan for IIS Web servers and mod_security for Apache Web servers.
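The banner check described above, from the defender's side, as an added example that is not part of the original article: it parses raw HTTP responses (the two samples below are constructed for this example) and reports any Server or X-Powered-By header that discloses an exact product version, which is the leakage the article says to suppress. A small helper to fetch the headers from a server you administer is included but not run automatically.

```python
"""Audit HTTP response headers for product/version banner leakage.

Added example, not from the original article. Run it against your own
servers to confirm that banner suppression (URLScan, mod_security,
ServerTokens, etc.) actually removed the version string.
"""
import http.client
import re
from typing import Dict, List

# Headers that commonly carry software/version banners (assumed list).
BANNER_HEADERS = ("server", "x-powered-by", "x-aspnet-version")

# A product token followed by "/version", e.g. Apache/2.0.58 or PHP/5.1.4
VERSION_RE = re.compile(r"([A-Za-z][\w.-]*)/(\d+(?:\.\d+)+)")

# Constructed sample responses: one that leaks versions, one hardened.
SAMPLE_LEAKY = (
    b"HTTP/1.1 200 OK\r\n"
    b"Date: Mon, 07 Aug 2006 12:00:00 GMT\r\n"
    b"Server: Apache/2.0.58 (Unix) mod_ssl/2.0.58 PHP/5.1.4\r\n"
    b"X-Powered-By: PHP/5.1.4\r\n"
    b"Content-Type: text/html\r\n"
    b"\r\n"
    b"<html></html>"
)
SAMPLE_HARDENED = (
    b"HTTP/1.1 200 OK\r\n"
    b"Date: Mon, 07 Aug 2006 12:00:00 GMT\r\n"
    b"Server: Apache\r\n"
    b"Content-Type: text/html\r\n"
    b"\r\n"
    b"<html></html>"
)


def parse_headers(raw: bytes) -> Dict[str, str]:
    """Parse the header block of a raw HTTP response into a lowercase-keyed dict."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    headers: Dict[str, str] = {}
    for line in head.split("\r\n")[1:]:  # skip the status line
        if ":" in line:
            name, value = line.split(":", 1)
            headers[name.strip().lower()] = value.strip()
    return headers


def find_leaks(headers: Dict[str, str]) -> List[str]:
    """Return 'header: Product/Version' entries that disclose an exact version."""
    leaks: List[str] = []
    for name in BANNER_HEADERS:
        value = headers.get(name)
        if value is None:
            continue
        for product, version in VERSION_RE.findall(value):
            leaks.append(f"{name}: {product}/{version}")
    return leaks


def audit_response(raw: bytes) -> List[str]:
    """Convenience wrapper: raw response bytes -> list of leaked banners."""
    return find_leaks(parse_headers(raw))


def audit_server(host: str, port: int = 80, path: str = "/") -> List[str]:
    """Fetch headers from a server you administer and audit them (network access)."""
    conn = http.client.HTTPConnection(host, port, timeout=5)
    try:
        conn.request("HEAD", path)
        resp = conn.getresponse()
        headers = {k.lower(): v for k, v in resp.getheaders()}
    finally:
        conn.close()
    return find_leaks(headers)


if __name__ == "__main__":
    for label, sample in (("leaky", SAMPLE_LEAKY), ("hardened", SAMPLE_HARDENED)):
        leaks = audit_response(sample)
        print(f"{label}: {leaks if leaks else 'no version banners found'}")
```

The leaky sample reports four disclosures (three from the Server header, one from X-Powered-By); the hardened sample reports none. On Apache the equivalent of the tools the article names is the ServerTokens Prod and ServerSignature Off directives, which reduce the banner to the bare product name; re-run the audit after any such change to confirm the version string is gone from every header, not just Server.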

Unfortunately, there are tools that fingerprint Web servers without relying on banners, and hackers are now even using search engines such as Google to help find and fingerprint vulnerable machines. This is commonly known as Google hacking. By using Google's advanced search operators, hackers can retrieve fingerprint information from Google's cache without ever connecting to their intended target. (See the March 2006 Information Security feature "Google Hacking" for more information.)

To find out what hackers can discover about your site, you can also use the Gooscan tool (with express permission in advance from Google) from http://johnny.ihackstuff.com, which also hosts the Google Hacking Database. Or, you can check the Google Webmasters FAQ at www.google.com/webmasters, which explains how to properly protect your site and control what it exposes to Google.

This was first published in August 2006
