How many attacks we must consider?!

May 10, 2008 03:32pm pdt

1. hielo 393,380
2. angelIII 132,290
3. logudotcom 96,358
4. routinet 94,772
5. hernst42 90,474
6. RQuadling 90,196
7. rowejd 77,343
8. dr_dedo 74,810
9. nplib 72,610
10. Xyptilon2 68,772
11. yodercm 62,754
12. bportlock 61,356
13. Ray_Paseur 60,534
14. Roonaan 54,335
15. steelseth12 43,890

1. angelIII 717,457
2. ldbkutty 688,003
3. hernst42 646,347
4. Roonaan 582,275
5. wasifg 503,829
6. RQuadling 472,809
7. hielo 410,305
8. snoyes_jw 401,445
9. steelseth12 301,165
10. i_m_aamir 292,259
11. glcummins 281,313
12. gamebits 277,284
13. TeRReF 262,878
14. yodercm 254,990
15. Diablo84 239,472

03.27.2008 at 11:22PM PDT, ID: 23276542

	[x] Attachment Details

[x]

The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

The Grade of the Solution
The Zone Rank of the Expert Providing the Solution
The Number of Author and Expert Comments
The Number of Experts Contributing
The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!

7.6

How many attacks we must consider?!

Zones: PHP and Databases, PHP Scripting Language

Hello,all
It is around 5 months that i'm working on a site for music streaming(not online yet) with mysql-php
and have heard about these attacks that we must consider,i appreciate that guide the best way for protection.

-Sql injection attack:

for connecting to db i use these codes ,are these safe?if no,please your guide.

$dbhost = 'localhost';
$dbuser = 'root';
$dbpass = 'pari';
$conn = mysql_connect($dbhost, $dbuser, $dbpass) or die ('Error connecting to mysql');

$dbname = 'musicarchive';
mysql_select_db("$dbname");
mysql_query('SET NAMES utf8',$conn); //for utf charachter

-Header injection attack:

At the top of a page i use these codes for redirecting ,are these also safe?

<?php

if ( strlen ($_REQUEST['Textfield1']) < 3 )
{
header ("Location: http://localhost/PersianPersiaPHP/music/alert.php");
}
?>

-I have heard something about "echo attack" also ,but i don't know what is it,and what are issues that i must consider?

Thanks

Start your free trial to view this solution

Question Stats

Zone: Web Development

Question Asked By: MOSTAGHASSI

Solution Provided By: Ray_Paseur

Participating Experts: 4

Solution Grade: A

Translate:

Loading Advertisement...

Microsoft

Internet Protocols
Applications

Development
OS

Hardware
Windows Security

Apple

Operating Systems
Hardware

Programming
Networking

Software

Internet

Search Engines
File Sharing
WebTrends / Stats
Spy / Ad Blockers

Web Browsers
New Net Users
Web Development
Chat / IM

Anti Spam
Web Servers
Anti-Virus
Email Clients

Gamers

Tips
Online / MMORPG
Puzzle
Emulators

Action / Adventure
Role Playing
Consoles
Game Programming

Strategy
Sports
Misc
Computer Games

Digital Living

Hardware
New Net Users
New Users

Software
Digital Music
Gaming World

Home Security
Apple
Networking Hardware

Virus & Spyware

Vulnerabilities
IDS
Encryption
Anti-Virus

Operating Systems Security
Software Firewalls
WebApplications
Cell Phones

Operating Systems
Internet
Hardware Firewalls

Hardware

Handhelds / PDAs
Displays / Monitors
Components
Networking Hardware

Peripherals
Laptops/Notebooks
Storage
Servers

Desktops
New Users
Misc
Apple

Software

System Utilities
Industry Specific
Network Management
Photos / Graphics
Page Layout
VMWare
Misc
Web Development

OS
CYGWIN
Voice Recognition
Message Queue
Quality Assurance
Security
Firewalls
MultiMedia Applications

Development
Database
Office / Productivity
Business Management
OS/2 Apps
Server Software
Internet / Email

ITPro

OS
Storage
Encryption
Operating Systems Security
Apple Hardware
Laptops & Notebooks
Servers
Networking Hardware
Peripherals

Devices
Displays / Monitors
WebTrends / Stats
Search Engines
Firewalls
WebApplications
IDS
Vulnerabilities
Email Clients

File Sharing
Spy / Ad Blockers
Web Browsers
Web Servers
Networking
Anti-Virus
Chat / IM
Anti Spam

Developer

Web Servers
Web Browsers
Game Programming
Dev Tools
Industry Specific
Office / Productivity

Database
CYGWIN
Web Development
Search Engines
File Sharing
WebTrends / Stats

Programming
Content Management
Application Servers
Protocols

Storage

Removable Backup Media
Storage Technology
Servers

Grid
Remote Access
Backup / Restore

Misc
Hard Drives

Miscellaneous
Security
Development
Linux
VMWare

MainFrame OS
Unix
Apple
OS / 2
AS / 400

BeOS
Microsoft
VMS / OpenVMS

Database

Oracle
Miscellaneous
MySQL
Software
Sybase
Contact Management
PostgreSQL
Data Manipulation
Clarion
InterSystems Cache

Siebel
MUMPS
OLAP
SQLBase
SAS
GIS & GPS
4GL
Berkeley DB
DB2
Informix

Interbase / Firebird
FoxPro
Reporting
LDAP
Filemaker Pro
MS SQL Server
dBase
MS Access

Security

Misc
Web Browsers
Software Firewalls
Operating Systems Security
File Sharing

Spy / Ad Blockers
Vulnerabilities
WebApplications
IDS
Anti-Virus

Encryption
Anti Spam
Email Clients
VPN
Chat / IM

Programming

Editors IDEs
Installation
Handhelds / PDAs
Multimedia Programming
System / Kernel

Algorithms
Game
Signal Processing
Project Management
Open Source

Database
Misc
Languages
Processor Platforms
Theory

Web Development

Scripting
Blogs
Web Servers
Software
Search Engines
Web Graphics
Images

Internet Marketing
Images and Photos
Components
Document Imaging
Web Languages/Standards
Illustration
WebApplications

Fonts
WebTrends / Stats
Authoring
Digital Camera Software
Miscellaneous

Networking

Protocols
Apple Networking
Network Management
Message Queue
Application Servers
Content Management
File Servers
Email Servers
Misc
Java Editors & IDEs

Wireless
Networking Hardware
Backup / Restore
System Utilities
ISPs & Hosting
Web Servers
Storage Technology
Removable Backup Media
Servers
Broadband

Grid
OS / 2
Novell Netware
Unix Networking
Windows Networking
Security
Telecommunications
Operating Systems
Linux Networking

Other

Community Advisor
Lounge
Community Support
New Net Users

Philosophy / Religion
Math / Science
Miscellaneous
URLs

Expert Lounge
Politics
Puzzles / Riddles

Community Support

Suggestions
New to EE
New Topics
Community Advisor

CleanUp
Announcements
General

Feedback
Input
EE Bugs

03.27.2008 at 11:41PM PDT, ID: 21228397

Rank: Guru

logudotcom:

SQL inject notes, http://www.sitepoint.com/article/php-security-blunders/2

Assisted Solution

03.27.2008 at 11:47PM PDT, ID: 21228408

drxav:

I suggest you change your db password now that you have publicly posted it lol :)

03.27.2008 at 11:50PM PDT, ID: 21228414

Rank: Guru

logudotcom:

I would recommend to go through PHP Security Related Articles / Notes ... So that you can prevent the spam attack and other security holes ...

03.28.2008 at 12:59AM PDT, ID: 21228588

MOSTAGHASSI:

I need your practical experiences as breifly and as like as you have done in your projects.

drxav,
This is not a real password.

03.28.2008 at 01:13AM PDT, ID: 21228628

Rank: Guru

logudotcom:

I have been faced below issues on my site,

#1 Type direct URL and access the pages (Admin / restricted pages
==================================================
-- I have used $_SESSION and validate the user login

#2 SQL inject...
=============
-- I have used the above techniques ... user may use OR , ',` ..etc

#3 Login Area Section
==================
-- users will try the default username, password like admin, admin123 etc.

#4 SPAM injection on Guestbook / Feedback
==================================
--validate the emails and hostname properly and avoid
-- implement Captcha solutions also

#5 Empty values submission /Unvalidated Input Errors
=======================================
-- validate Javascript + System server side validation of inputs

Assisted Solution

03.28.2008 at 01:21AM PDT, ID: 21228663

Rank: Guru

logudotcom:

>> "echo attack"

you may try on this, so when you echo data from the database,

for example, echo statement :

echo "$_REQUEST['Textfield1']";

use this function, htmlspecialchars() call, to avoid html injections.

echo htmlspecialchars($_REQUEST['Textfield1']) ;

ref. http://www.php.net/htmlspecialchars

Assisted Solution

03.28.2008 at 01:38AM PDT, ID: 21228722

MOSTAGHASSI:

logudotcom,
At this step i don't use login for track user what can i do in this state?

For echo this function is for variable and we must use it for all variables?

03.28.2008 at 02:03AM PDT, ID: 21228830

Rank: Guru

logudotcom:

>> i don't use login for track user what can i do in this state?

Incase if you don't have login section ... want to keep track users means .. track

"" IP address + datetime visited can be traced as hidden ... ""

OR give exactly what do you want to do here???

>> For echo this function is for variable and we must use it for all variables?

not necessary for all ... TEXT variables can be used ... e.g Messages, String values, Name, search value etc.,

03.28.2008 at 03:27AM PDT, ID: 21229115

Rank: Master

Ray_Paseur:

Mostaghassi:

Philosophically, you must understand that EVERY input from outside your script can be used to attack your script - this includes the PHP variables, which can be phonied up and presented as if they came from your server, and the contents of headers, etc. You are asking the right questions, but you have only begun to scratch the surface. There are numerous working groups on internet and data base security - use Google to find and follow their publications. In USA, Chris Shiflett is a well-known authority on the topic. Suggest you get hold of his books and follow his blog.

http://shiflett.org/

Good luck!

Accepted Solution

03.28.2008 at 03:33AM PDT, ID: 21229131

Rank: Sage

Squinky:

Make your DB server safe by using a firewall to restrict connections from anywhere but your web servers.

Run snort to see all the attacks that are hitting your server (there will be hundreds of different ones). http://snort.org/ Use oinkmaster to keep the rules up to date.

The example you posted for header injection protection is utterly useless - it does nothing at all to prevent those attacks! Mainly you just need to strip everything that occurs after a line break in any field that should not contain them.

Another useful weapon against spam gateway attacks is to throttle submissions by IP - for example if a site has hit the same page 10 time in an hour, just block it. It's not too hard to keep track of the source IPs and clear them out over time (memcache might be a good place to store that info in).

03.28.2008 at 04:14AM PDT, ID: 21229303

Rank: Guru

logudotcom:

Though the information is very useful but I think this question direction is changing

20080236-EE-VQP-29 / EE_QW_2_20070628