[white hat talks about web security] Chapter 1 my security world view

1.1 Web Brief history of safety

1. A brief history of Chinese hackers

The age of enlightenment ： Due to personal interests and hobbies and the influence of foreign hacker technology .

The golden age ： Attacks for profit began to appear , The black industrial chain is gradually taking shape .

The age of darkness ： Superior bad discard .

2.SQL Inject and XSS（ Cross-site scripting attacks ） The appearance of is Web Two milestones in the history of security .

SQL Inject ： finger web The application does not judge or filter the validity of the user's input data , Attackers can web Add extra... At the end of a predefined query statement in the application SQL sentence , Implement illegal operation without the administrator's knowledge , In this way, the database server is cheated to execute any unauthorized query , So we can get the corresponding data information .

3. The essence of security problem is the problem of trust .

1.5 Three elements of safety

CIA： Confidentiality （Confidentiality）、 integrity （Integrity）、 Usability （Availability）.

Confidentiality It is required to protect data content from leakage , Encryption is a common means of achieving confidentiality requirements .

integrity It is required to protect whether the data content is complete 、 Not tampered with , The common technical means to ensure consistency is digital signature .

Usability The requirement to protect resources is “ On demand ”.

Example ： Suppose a parking lot has 100 A parking space , Under normal circumstances, it can stop 100 Vehicles , One day a bad man moved 100 A big stone occupied all the parking spaces , Then the parking lot can no longer provide normal services . In the field of security, it is called Denial of service attacks , abbreviation DoS（Denial of Service）. Denial of service attacks destroy the availability of security .

1.6 How to implement safety assessment

1. A safety assessment process , It can be simply divided into 4 Stages ： Asset classification 、 Threat analysis 、 risk analysis 、 Confirm the solution .

Asset grading is the key to all work Basics , This work can help us clarify our goals , What to protect , In the field of security , We call the possible source of harm threat （Threat）, The possible loss is called risk （Risk）, Vulnerabilities refer to places in the system that may be threatened and exploited to cause harm .

2.STRIDE Model （ Threat modeling methods ）

3.DREAD Model （ risk analysis ）

4. Excellent and safe scheme ： Can effectively solve problems ; Good user experience ; High performance ; Low coupling ; Easy to expand and upgrade .

1.7 White hat art of war

1.Secure By Default principle

（1）Secure By Default principle , It can also be summarized as White list , The blacklist Thought . If you use whitelists more , Then the system will become more secure .

（2） The principle of minimum authority The system is required to grant only the necessary permissions to the principal , Don't over authorize , This can effectively reduce the system , The Internet , application , Opportunities for database errors .

（3）SSH： Refers to the security protocol based on the application layer , Designed to provide security for remote login sessions and other network services .

2. Defense in depth principle

The principle of defense in depth contains two meanings ：

（1） At different levels , Different aspects of implementing security programs , Avoid omissions , Different security schemes need to cooperate with each other , Form a whole ;

（2） Do the right thing in the right place , namely ： Implement targeted security solutions where fundamental problems are addressed .

For a complex system , Defense in depth is a necessary choice to build a security system .

3. Principle of separation of data and code

（1） This principle applies to all kinds of reasons “ Inject ” And the scene that causes security problems . actually , out of buffer , It can also be considered that the procedure violates this principle —— The program is on the stack or heap , Execute user data as code , Confusing the boundaries of code and data , This leads to safety problems .

（2） out of buffer ： For program design defects , Write to the program input buffer to overflow , Exceeds the maximum amount of data that the buffer can hold , So as to destroy the operation of the program 、 Take advantage of the interruption to gain control of the program and even the system .

4. The principle of unpredictability

（1） Microsoft uses ASLR technology , In the newer version of Linux The kernel also supports . stay ASLR Under the control of , Every time a program starts , The stack base addresses of their processes are different , It has a certain randomness , For the attacker , This is it. “ Unpredictability ”.

（2） Unpredictability , It can effectively resist tampering 、 Fake attacks .

（3） The implementation of unpredictability often needs to use encryption algorithm , Random number algorithm , The hash algorithm , Make good use of this rule , When designing safety schemes, we often get twice the result with half the effort .