TEACHING YOU HOW TO SECURE YOUR SOFTWARE
Even though there are multiple ways to secure a web server, the three that I find the most important are firewalls, private networking, and SSL/TLS encryption.
A firewall is either a piece of software or hardware used to control which requests are allowed on a network. Those requests could take the form of public services, private services or internal services. Firewalls allow you to restrict the access to your software according to your criteria. It provides a necessary layer of protection which ensures the protection of your data.
Certain networks that are only available to certain servers or users are known as private networks. Often universities use a private network to ensure privacy among students. A VPN (virtual private network) is used to create a secure connection with a remote computer and a local machine as if the remote computer was on a local private network. This allows the use of remote servers and still maintain a secure connection. These allow you to create a secure network and allows secure communication between client and server. Setting up a private network is simple and straightforward, however setting up a VPN is more involved. That is because every server using a VPN needs to have shared security and configuration data installed to ensure a secure connection.
SSL/TLS certificates allow for encrypted communication between a user and a server. What this does is encrypt traffic on your server so that attackers who intercept traffic will not be able to steal valuable information. This allows you to encrypt your system without a VPN tunnel. Configuring and managing a certificate authority can be quite involved however proves to be important in the long run.
What does buffer overflow mean?
Say you have some buffer you created called B. During a programs execution, if more data is attempted to be put into B then the allotted memory space, then a buffer over condition exists. When attempting to write outside a block of memory, it can corrupt the data or execute malicious code. This is known as a buffer overflow attack.
What does this have to do with software security?
If you are not familiar with how programs execute, you might not quite understand why this is such a big deal. One of the main problems is the variety of ways a buffer overflow can occur. It is common for these attacks to be used against legacy and new applications. However, buffer overflows are generally not easy to discover and exploit. Here is a general example of a classic buffer overflow exploit. Data is sent to a program by an attacker which is stored in a stack buffer which is too small. Information on the call stack is then overwritten and the value of the return pointer is such that malicious code of the attacker is executed. Other examples of buffer overflow are heap buffer overflow, off-by-one error, and format string attack. At the programming level, a codes vulnerability is sometimes due to poor assumptions by the programmer. In languages such as C or C++, bound checking does not occur in certain instances which can lead to the allocated bounds to be overwritten in a buffer.
How can this be prevented?
First, if a program is being coded in C or C++, the programmer needs to take extra care of memory management. This is because these languages have no built-in protection in overwriting data in their memory. Modern programming languages such as Java and C# have more precautions to reduce buffer overflow errors but are still vulnerable to them.
Cryptography is the study of techniques for secure software and communication against attackers. Attackers means third parties who which to steal hidden or private messages for their won gain. With so much being digital in modern society, cryptography is applied to protect credit cards, digital currencies, military communications, passwords, and electronic commerce. Through cryptography, the idea of encrypting data was formed which is a cornerstone in protecting data. Encryption dates all the way beck to rotor cipher machines in World War 1 and has become increasingly more complex. Some modern-day cryptography methods include symmetric-key cryptography and public-key cryptography.
Methods where the sender and receiver share a single key used for encryption and decryption known as symmetric-key cryptography. One type of symmetric-key cryptograph method is known as cryptographic has functions. Given a message of any length they output a digital signature known as a hash. Good hash functions are those where no two message has the same hash. The reason why hash functions are so useful is because of the difficulty to decipher how the hash is created. The main issue is that sometimes a hash function can have two different messages create the same hash.
For these types of functions, instead of the same key being used for encryption and decryption, two different keys are used. The advantage of this type of key over symmetric-key ciphers is the fact that two different keys are used. When one key is used, the difficulty is the key management necessary to make sure it is secure. When two parties do not share a secure channel, establishing a secret key between them is difficult. What public key ciphers do is create both a public key and a private key. Both are related but discovering one key from another is infeasible. This allows for the public key to be freely distributed while the private key is kept secure.
When you first begin developing a software of some sort, you might be tempted to overlook potential security issues. What this could mean in the long run is future software breaches and security failures. So instead of pushing off security issues for late, create a plan so you can integrate security aspects throughout your software development. Then you can move onto the first stages of secure software development.
The first stage includes a general overview of how your secure software development will interact with customers. First you should think of possible use and misuse cases. For example, a misuse case would be an unauthorized user trying to steal a customer’s data. The use case for this would be logging attempts and analyzing them. You should also do a risk assessment, so you will determine how to handle certain attacks. After this stage you then begin the secure design phase.
When designing your software, there is several things to pay attention to security wise. Minimal user privileges should be given toward the software architecture. This is because the software architecture has a lot of things that the user has no business accessing. When it comes to manipulating data in the software, only the higher privileged users should have access. There should be multiple security layers in your software. Only having one mode of defense in your software is not enough nowadays. It will leave you software weak and vulnerable. However, if a security failure does occur, you want your software to fail into a secure state. It should still preserve confidentiality even though it is not work in that moment. Moreover, your software should have user-friendly security. You want your software to be secure, but you want your users to still enjoy using it.
This lead into the development stage and then code review. After taking many security factors into consideration, you now can begin developing your software. Then once you finish, make sure to test your code so any security risks you missed you can fix.
With many things being digital, cybersecurity attacks have become a big concern. With the variety and different types of attacks, companies must take precautions to make sure information is secure. However, many cyberattacks draw on similar ideas and methods so understanding many different types can help you really see the similarities. Here are some common cybersecurity attacks used today.
Dictionary and Brute-force attacks
A dictionary attack is straightforward. The attacker will use a wordlist hoping that the user’s password is a simple password they have used on previous sites. These types of attacks are most effective when the password is based on simple words such as apples. These attacks led to websites to force users to create complex passwords, so attacks have more difficulty.
Brute-force attacks is what the name implies. The attacker will use brute force methods attempting to guess the password. This means that the length of a password and the number of symbols available plays a huge roll. The longer the password and the more symbols, the longer it will take to determine the password. What this has done to modern day websites is force users to create long complex passwords, so these types of attacks are not viable.
Malware involves three things: objective, delivery, and concealment. Malware is created with some goal in mind. This can either involve stealing data, disrupting some action, or demanding payment. All are malicious and cause problems to anyone subjected to it. Next is delivery. The three main ways malware is delivered is trojan horse, virus, and worm. The trojan horse is a program that looks like something else but is used to run malware. A virus is hidden in other program/files. The worm propagates itself into other user’s systems.
Common ways to stop malware attacks is through education, ensure a secure network, use good software, and create backups. Malware is a serious problem that should not be taken lightly. Proper steps are necessary to protect your system from malware.