|
Naziv
|
Web Application Fingerprinting
|
|
Sažetak
|
An attacker sends a series of probes to a web application in order to elicit version-dependent and type-dependent behavior that assists in identifying the target. An attacker could learn information such as software versions, error pages, and response headers, variations in implementations of the HTTP protocol, directory structures, and other similar information about the targeted service. This information can then be used by an attacker to formulate a targeted attack plan. While web application fingerprinting is not intended to be damaging (although certain activities, such as network scans, can sometimes cause disruptions to vulnerable applications inadvertently) it may often pave the way for more damaging attacks.
|
|
Preduvjeti
|
Any web application can be fingerprinted. However, some configuration choices can limit the useful information an attacker may collect during a fingerprinting attack.
|
|
Rješenja
|
['Implementation: Obfuscate server fields of HTTP response.', 'Implementation: Hide inner ordering of HTTP response header.', 'Implementation: Customizing HTTP error codes such as 404 or 500.', 'Implementation: Hide URL file extension.', 'Implementation: Hide HTTP response header software information filed.', "Implementation: Hide cookie's software information filed.", 'Implementation: Appropriately deal with error messages.', "Implementation: Obfuscate database type in Database API's error message."]
|
