Now let us see some countermeasures for input validation attacks.
- The application should be tested against every possible situation it could encounter in the future, from a security perspective.
- Programmers are supposed to understand the importance of paying attention to security aspects while they develop the application.
- Adopting a protective approach is best in practice. It is a more effective, cheaper, easier and faster tool for finding and removing any loopholes in input validation during the stages of development.
- Keeping your program very simple helps you test it against loopholes and input validation vulnerabilities.
- Restricted user and file access should be implemented in all kinds of application environments.
- There should be proper separation between trusted and untrusted data. Trusted data should never be allowed to spill over the understand memory spaces.
- Keep in mind that no application should be allowed to access other trusted applications.
- Most common buffer overflow attacks can be avoided by applying the above measures. Buffer overflows are one of the lethal weapons for hackers and a widely used type of net attack.
- If you strip out special characters such as quotation marks, slashes, semicolons and backslashes from user input, URL parameters and cookies, it will make it harder for an attacker to carry out such an attack, and also SQL injection attacks.
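The last two points can be combined in one routine. The following is an added example, not code from the original post: it copies input into a fixed-size buffer without ever writing past its end, and strips the special characters listed above. The names `filter_input` and `FILTERED`, the exact character set, and the choice to reject over-long input instead of truncating it are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Characters the post names as dangerous; the exact set is an assumption. */
static const char FILTERED[] = "\"'/;\\";

/*
 * Copy src into dst, dropping filtered and ASCII control characters.
 * Never writes more than dst_size bytes and always NUL-terminates.
 * Returns the number of bytes kept, or -1 if the input is rejected
 * (NULL argument, zero-size buffer, or cleaned input does not fit).
 */
long filter_input(char *dst, size_t dst_size, const char *src)
{
    size_t out = 0;

    if (dst == NULL || src == NULL || dst_size == 0)
        return -1;

    for (const char *p = src; *p != '\0'; p++) {
        unsigned char c = (unsigned char)*p;
        if (c < 0x20 || c == 0x7f || strchr(FILTERED, c) != NULL)
            continue;               /* strip instead of copying */
        if (out + 1 >= dst_size) {  /* keep room for the terminator */
            dst[0] = '\0';          /* reject rather than truncate */
            return -1;
        }
        dst[out++] = (char)c;
    }
    dst[out] = '\0';
    return (long)out;
}

int main(void)
{
    /* Constructed sample inputs, not taken from any real request. */
    const char *samples[] = { "name=O'Brien;", "a/b\\c\"d", "AAAAAAAAAAAAAAAAAAAA" };
    char buf[16];

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        long n = filter_input(buf, sizeof buf, samples[i]);
        printf("%-22s -> %ld \"%s\"\n", samples[i], n, buf);
    }
    return 0;
}
```

Stripping characters only makes injection harder, as the post says; it does not replace parameterized queries when the cleaned value is later used in SQL.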