Hi,
I will start this post with a simple question i.e What is Security ?
Security in software is hardening or tightening the path for hackers. Security has become the major issue in recent days because of Internet applications and cloud based applications. Therefore to enjoy the benefits of cloud computing and web hosting it is necessary to implement security at all levels.
As you may have heard or read ,security can be applied in different levels like
- OS Level Security
- Network Security
- Application Level Security.
Having said that security can be applied on all levels, then what are the possible attacks ?
- Operating system Attacks
- Application level Attacks
- Shrink Wrap code Attacks
- Misconfiguration Attacks
In this post we are mainly going to see the Application vulnerabilities (Application Level Attacks) and the measures of creating a secured application :
OKie before going into the details ,I would like to place some thought provoking questions to my dear developers
1. What is your application goal ? (Survey / Company Data / Payment Site)
2. Have you created security based Coding ? (Yes / NO)
Whatever it may be the case it is important that every developer has to go in for the security based coding, though you may have firewalls ,IPS, IDS ..if you haven’t thought about security from application creation than your application is prone for hacking.
Types of Application Level Attacks :
Before going into details of Application Attacks first you may have to know if some one has taken over your PC or pinging your PC . To detect that we have IPS and IDS. IPS is Intrusion Prevention System and IDS is Intrusion Detection System.
You have various open source tools for IPS and IDS ,the most commonly used tool is SNORT.
SNORT : Snort is a free and open source network intrusion prevention system (NIPS) and network intrusion detection system (NIDS) created by Martin Roesch in 1998.
SNORt : Networking IPS and IDS tool , Open Source
In this tutorial we will see how SNORT can be used as an IDS.
Step 1 : Install SNORT , WinPCap , Snort Rules
Step 2 : Configure SNORT
Step 3 : Run and Test SNORT
Step 1 :
Install Snort : https://www.snort.org
Under Download SNORT you can find various installers. Most of the downloads are for Linux if your going to run SNORT in Windows then you can go for Installer.exe
I have already downloaded and installed SNORT
Install WinPcap : Tool for capturing Packets
http://www.winpcap.org/install/
Download and Install WinPcap
I have downloaded and installed WinPcap
Download and Extract the Rules :
You can extract the Registered Rules .
But before that you may have to signup and then install
If you have Subscribed then you can go for Subscribed rules
or you can create an account and download rules from Registered Release
Note : Make Sure you have the same version of rules
I have already downloaded and extracted the rules
Inside rules folder copy the three rules (Preproc,Rules,So_rules) and Paste it in C:\Snort
where you have installed SNORT
Now you have done the setup
Darnie's 