Website Penetration

I Can Almost Guarantee That Your Website Has Been Subjected To Online Penetration By Unscrupulous People.

That is Scary

I started doing website security for myself and some clients. The software I use gives me reports that are really security testing on my sites.

I did not expect the level of website penetrations that were occurring without my knowledge.

That is correct! You will not know what is happening on your site until you see these penetration reports.

It’s sneaky scary and can affect your business and credibility. I have found on average 8-10 penetrations every week on every website.

Things like:

  • Cross Site Scripting
  • Cross Site Request Forgery
  • SQL Injections
  • Local File Inclusion
  • Remote File Execution (sometimes called Inclusion)
  • Directory Traversal

At first I did not understand the meaning of these terms and their ramifications so I looked them up on Wikipedia.

Here’s what I discovered:

Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications. XSS enables attackers to inject client-side script into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same-origin policy. Cross-site scripting carried out on websites accounted for roughly 84% of all security vulnerabilities documented by Symantec as of 2007. Their effect may range from a petty nuisance to a significant security risk, depending on the sensitivity of the data handled by the vulnerable site and the nature of any security mitigation implemented by the site’s owner.

Cross-site request forgery, also known as one-click attack or session riding and abbreviated as CSRF (sometimes pronounced sea-surf[1]) or XSRF, is a type of malicious exploit of a website where unauthorized commands are transmitted from a user that the website trusts. Unlike cross-site scripting (XSS), which exploits the trust a user has for a particular site, CSRF exploits the trust that a site has in a user’s browser.

SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker). SQL injection must exploit a security vulnerability in an application’s software, for example, when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and unexpectedly executed. SQL injection is mostly known as an attack vector for websites but can be used to attack any type of SQL database.
SQL injection attacks allow attackers to

  1. spoof identity,
  2. tamper with existing data,
  3. cause repudiation issues such as voiding transactions or changing balances,
  4. allow the complete disclosure of all data on the system,
  5. destroy the data or make it otherwise unavailable, and
  6. become administrators of the database server.

In a 2012 study, it was observed that the average web application received 4 attack campaigns per month, and retailers received twice as many attacks as other industries. Maybe there is a spike in website penetrations because my average so far is 10 per week.

File inclusion vulnerability is a type of vulnerability most often found on websites. It allows an attacker to include a file, usually through a script on the web server. The vulnerability occurs due to the use of user-supplied input without proper validation. This can lead to something as minimal as outputting the contents of the file or more serious events such as:

  1. Code execution on the web server
  2. Code execution on the client-side such as JavaScript which can lead to other attacks such as cross site scripting (XSS)
  3. Denial of service (DoS)
  4. Data theft/manipulation

Remote File Execution is similar to and gives much the same results as File Inclusion.

These website penetrations can cause

  1. Loss of business
  2. Loss of trust with your clients
  3. Theft of important information
  4. Destruction of important information

A Directory Traversal (or path traversal) consists of exploiting insufficient security validation / sanitization of user-supplied input file names, so that characters representing “traverse to parent directory” are passed through to the file APIs.

The goal of this attack is to order an application to access a computer file that is not intended to be accessible. This attack exploits a lack of security (the software is acting exactly as it is supposed to) as opposed to exploiting a bug in the code.

Directory traversal is also known as the ../ (dot dot slash) attack, directory climbing, and backtracking. Some forms of this attack are also canonicalization attacks.
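As an added illustration (not code from the original post), here is the defender-side check that closes the dot-dot-slash and canonicalization cases described above: rather than stripping “../”, the requested name is decoded, canonicalised and then tested to still lie inside the document root. The document root /var/www/site/public and the sample requests are constructed for the example.

```python
import os
from urllib.parse import unquote

# Constructed example document root; a real site uses whatever directory it serves from.
DOCUMENT_ROOT = "/var/www/site/public"


def resolve_safe_path(base_dir: str, user_path: str):
    """Map a user-supplied file name onto base_dir, or return None if it escapes.

    Stripping "../" is not enough, because encoded or doubled variants can slip
    past a filter. Canonicalising first and then checking the prefix is the
    defence against the canonicalization attacks mentioned above.
    """
    root = os.path.realpath(base_dir)

    # Percent-decode twice so that double-encoded "%252e%252e" becomes "..".
    decoded = user_path
    for _ in range(2):
        decoded = unquote(decoded)

    # A NUL byte can truncate the name inside C file APIs; never pass it on.
    if "\x00" in decoded:
        return None

    # Treat backslashes as separators too, so "..\" is not taken as a plain file name.
    relative = decoded.replace("\\", "/").lstrip("/")

    # realpath collapses "." and ".." and resolves symlinks where they exist.
    candidate = os.path.realpath(os.path.join(root, relative))

    # The resolved path must be the root itself or live strictly below it.
    if candidate == root or candidate.startswith(root + os.sep):
        return candidate
    return None


if __name__ == "__main__":
    # Constructed sample requests of the kind a penetration report would list.
    for requested in ("images/logo.png", "../../etc/passwd",
                      "..%2f..%2fetc%2fpasswd", "%252e%252e/%252e%252e/etc/passwd"):
        result = resolve_safe_path(DOCUMENT_ROOT, requested)
        print(f"{requested!r:45} -> {'blocked' if result is None else result}")
```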


My system is not only a web intrusion detection system but it also prevents these malicious penetrations from occurring.

At the same time

  • I back up your site to a remote location (the safest way to back up)
  • Update all plugins
  • Update your Theme

Themes and plugins that are not updated regularly are a security risk for your website.

Remove the worry of this type of website intrusion and have peace of mind for as little as $60 per month, or, if paid in advance, $600 for the year (that means you get 2 months FREE).


For more information

Contact Jeff on 0419 418 951

or email jeff@reputationmarketingspecialist.com.au
