Information security through vulnerability control in web services

  • Published on
    15-Jan-2017


MINISTRY OF EDUCATION AND TRAINING

HAI PHONG PRIVATE UNIVERSITY (Trường Đại học Dân lập Hải Phòng)

-----oo0oo-----

RESEARCH ON ENSURING INFORMATION SECURITY BY CONTROLLING VULNERABILITIES IN WEB SERVICES

FULL-TIME UNDERGRADUATE GRADUATION THESIS

Major: Information Technology

HAI PHONG, 2007

TABLE OF CONTENTS

Glossary of abbreviations .... 3
Introduction .... 4
Chapter 1: BASIC CONCEPTS .... 7
  1.1. THE CONCEPT OF WEB PROTECTION .... 7
  1.2. WEB APPLICATIONS .... 12
    1.2.1. The concept of a web application .... 12
    1.2.2. How a web application works .... 13
  1.3. SOME WEB PROTECTION TOOLS .... 15
    Firewalls .... 15
    Virtual private networks .... 17
Chapter 2: ATTACK TECHNIQUES THAT EXPLOIT VULNERABILITIES .... 18
  2.1. PARAMETER MANIPULATION .... 18
    2.1.1. Modifying HTTP headers .... 18
    2.1.2. Modifying the URL .... 21
    2.1.3. Modifying hidden form fields .... 22
    2.1.4. Manipulating cookies .... 24
  2.2. INJECTING CODE INTO THE BROWSER .... 27
    2.2.1. The XSS attack method .... 27
    2.2.2. Countermeasures .... 31
  2.3. QUERY INJECTION .... 32
    2.3.1. Bypassing the login check .... 32
    2.3.2. Attacks based on the SELECT statement .... 34
    2.3.3. Attacks based on the INSERT statement .... 36
    2.3.4. Attacks based on stored procedures .... 37
    2.3.5. Countermeasures .... 38
  2.4. ATTACKS ON SESSION MANAGEMENT .... 40
    2.4.1. Session fixation attacks .... 41
    2.4.2. Session hijacking attacks .... 45
    2.4.3. Countermeasures .... 46
  2.5. DENIAL-OF-SERVICE ATTACKS .... 47
    2.5.1. The concept of DoS .... 47
      a/ Using TCP to carry out a SYN flood .... 49
      b/ Bandwidth attacks .... 50
      c/ DDoS .... 52
    2.5.2. Countermeasures .... 53
  2.6. SERVER-SIDE LANGUAGES .... 54
  2.7. BUFFER OVERFLOW ATTACKS .... 56
Chapter 3: SUMMARY OF HACKER ATTACK TECHNIQUES .... 58
  3.1. GATHERING INFORMATION AT THE TARGET'S INFRASTRUCTURE LEVEL .... 58
  3.2. SURVEYING THE WEB APPLICATION .... 61
    Test example .... 63

Glossary of abbreviations

Abbreviation  Full form                              Meaning
DNS           Domain Name System                     domain name system
ACK           Acknowledgment                         acknowledgment
CSDL          Cơ sở dữ liệu                          database
SYN           Synchronize                            synchronize
TTL           Time To Live                           lifetime of a packet
FIN           Fully Integrated Network               fully integrated network
HTTP          Hyper Text Transfer Protocol           hypertext transfer protocol
SSL           Secure Socket Layer                    secure socket
HTTPS         HTTP + SSL
Hacker                                               intruder
CGI           Common Gateway Interface               common gateway interface
IP            Internet Protocol                      network protocol
TCP           Transfer Control Protocol              transmission control protocol
SSI           Server Side Include                    server-side language
URI           Uniform Resource Identifier            pointer to a web resource
URL           Uniform Resource Locator               web resource locator
CSV           Client Side Validator                  browser-side validation
dbo           Database owner                         owner of the database
sa            System Administrator                   system administrator
IIS           Internet Information Server            network information service
OWASP         The Open Web Application Standard Project   web application project
HTML          Hyper Text Markup Language             hypertext markup language

INTRODUCTION

Today, with the Internet widely available, organizations and individuals alike want to present information about themselves on the information highway and to carry out transactions online. The problem that arises is that as the range of uses for Web applications keeps growing, the likelihood of flaws (vulnerabilities) appearing and of being attacked grows with it; such applications become targets for many attackers with a variety of motives, sometimes simply to test their skill or to play a prank on others.

Along with the relentless growth of the Internet and the services on it, the number of attacks on the Internet has also grown exponentially. While the mass media increasingly talk about the information-access possibilities the Internet offers, the professional literature has begun to pay much more attention to the problem of securing data on computers connected to the Internet.

According to figures from CERT (Computer Emergency Response Team), the number of Internet attacks reported to that organization was fewer than 200 in 1989, about 400 in 1991, 1,400 in 1993, 2,241 in 1994, and 5,315 in 2001.

The main reason attacks have risen so quickly is the very large number of vulnerabilities found in web applications. According to Symantec statistics, in 2004 49% of all vulnerabilities found were in web applications. From July to November 2006, security vulnerabilities identified in web applications accounted for as much as 75%, up 15% from the start of the year.

These attacks target every computer present on the Internet: the computers of large companies such as AT&T and IBM, of universities, government agencies, military organizations, banks, and so on. Some attacks have been enormous in scale (as many as 100,000 computers attacked). Moreover, these figures are only the tip of the iceberg. A very large share of attacks goes unreported, for reasons such as fear of losing reputation, or simply because system administrators are unaware that attacks are being directed at their systems. (A typical example is the attack on IBM's commercial software in March 2001, where two hackers found a vulnerability in the application through which anyone with a Web browser could obtain users' accounts, even the administrator's.)

Not only is the number of attacks rising rapidly, but attack methods are becoming ever more sophisticated and organized. Administering network systems, moreover, requires administrators with solid knowledge and experience of networks, so weak management creates many opportunities for hackers to exploit.

Also according to CERT, attacks in the 1988-1989 period consisted mainly of guessing user names and passwords (UserID/password) or using flaws in programs and operating systems (security holes) to disable protection systems; more recent attacks, however, also include operations such as IP address spoofing, monitoring information transmitted over the network, taking over remote sessions (telnet or rlogin), and installing trojans or worms to control or command computers. The need to protect information on the Internet is therefore real, in order to protect data, protect user information and protect systems.

When security is discussed, most security experts focus on the safety of the network and the operating system. To protect a system, the method usually chosen is a firewall. However, according to CSI/FBI, 78% of victims were using a firewall and 59% were attacked via the Internet; more specifically, according to the CSI/FBI Computer Crime and Security Survey report, total losses from attacks on Web applications from 1997 to 2006 exceeded 800 million US dollars.

Automated vulnerability scanners help Web programmers a great deal, but they still cannot prevent everything, because Web technology is developing rapidly (with the emphasis mainly on appearance and speed), which leads to many new weaknesses. Attacks are not confined to the handful of techniques already discovered; they are flexible and multiply according to the mistakes of system administrators and of application programmers.

Chapter 1: BASIC CONCEPTS

1.1. THE CONCEPT OF WEB PROTECTION

Web protection is no longer an unfamiliar concept to web programmers and network administrators.

The goals of web protection are:

Confidentiality: information is not read without authorization.

Integrity: information is not modified without authorization.

Availability: legitimate users are able to access and use the information.

The two main parties in using a web service are the user and the system administrator.

On the web service user's side, security on the network is first of all a requirement placed on the server. First, requests sent to the server must be executed and answered within a definite time (availability). Second, the information delivered must be guaranteed free of viruses and unmodified by any other agent (integrity). Third, the server must not disclose personal information on the network (confidentiality).

On the system administrator's side, the requirements are fairly similar to the user's but seen from a different angle. First, they must ensure that users cannot break into the server to change the content of the website (integrity). Second, users cannot access information they are not entitled to (confidentiality and mandatory access control). Third, users cannot attack the server so that it can no longer serve other users (availability). Fourth, an identified user must be accountable and unable to repudiate their actions (authenticity).

Network attackers (Intruders):

individuals or organizations who use destructive tools, software or hardware, to probe for weaknesses and security vulnerabilities in a system, and who carry out intrusions and illegal seizure of network resources.

Some types of network attacker:

Hacker:

someone who breaks into a network illegally using password-cracking tools or by exploiting weaknesses in the system's access components.

Masquerader:

someone who forges information on the network. Forms of masquerading include spoofing IP addresses, domain names, user identities, and so on.

Eavesdropper:

someone who listens in on network traffic using sniffer tools, then uses analysis and debugging tools to extract valuable information.

Motives: stealing economically valuable information, deliberately sabotaging a network, or possibly just thoughtless actions that try out programs which have not been checked carefully, and so on.

Security vulnerabilities:

weaknesses in a system, or hidden in some service, on the basis of which an attacker can gain unauthorized access to carry out destructive actions or seize resources illegally.

The causes of security vulnerabilities vary:

flaws in the system itself, the software supplied, or a weak administrator who does not understand the services provided in depth, and so on.

The impact of vulnerabilities also varies:

some vulnerabilities only affect service quality, while others deeply affect the whole system.

Some forms of network attack

Based on security vulnerabilities in the network:

these vulnerabilities are usually weaknesses in the services the system provides.

Using destructive tools:

for example password-cracking programs to gain illegal access to a program.

An attacker may combine both forms to achieve their goal.

The degree of harm to the system depends on the method of attack.

Levels of system attack:

Level 1: attacks on certain network services, such as web and email, leading to the risk of exposing network configuration information.

Level 2: the attacker uses a legitimate user's account to seize system resources. The attacker may change access rights through security vulnerabilities or read the information in files related to system access, such as /etc/passwd (Linux) and the SAM file (Windows).

Levels 3, 4 and 5: the attacker does not use an ordinary user's rights