In: Computer Science
2. Examine various vulnerabilities of information system that lead to a successful footprinting and recommend the countermeasures for the same.
Footprinting refers to the process of collecting as much as information as possible about the target server or computer system to find ways to penetrate into that server/system.
Various vulnerabilities of information system that lead to footprinting:
1. Open access to all ports
2. All protocols are enabled on the system
3. Availability of un encrypted senitive data
4. No data validation of user entered data on a web site.
5. Remote access enabled on the server without authentication
Countermeasures which help to prevent footprinting are as follows:
1. We should disable unnecessary protocols for a server.
2. We must lock down ports with an appropriate firewall
configuration.
3. We must use TCP/IP and IPSec filters for defense in depth.
4. We should configure IIS to prevent information disclosure
through banner grabbing.
5. We should use an IDS that can be configured to pick up
footprinting patterns and reject suspicious traffic.
6. We should encrypt and password-protect sensitive data. Data
such as Web accessible e-mail
should be considered sensitive data and should be encrypted.
7. We should curtail unexpected input from the user. Some Web
pages allow users to enter usernames and
passwords. These Web pages can be used maliciously by allowing the
user to enter in
more than just a username. Username: jdoe; rm -rf / This might
allow an attacker to
remove the root file system from a UNIX Server. Programmers should
limit input
characters, and not accept invalid characters such as |; < >
as possible input.