This project is read-only.

Countermeasures

Category Countermeasures
Auditing and Logging * Identify malicious behavior.
* Know your baseline (know what good traffic looks like).
* Use application instrumentation to expose behavior that can be monitored.
* Throttle logging.
* Strip sensitive data before logging.
Authentication * Use strong password policies.
* Do not store credentials in an insecure manner.
* Use authentication mechanisms that do not require clear text credentials to be passed over the network.
* Encrypt communication channels to secure authentication tokens.
* Use Secure HTTP (HTTPS) only with forms authentication cookies.
* Separate anonymous from authenticated pages.
* Using cryptographic random number generators to generate session IDs.
Authorization * Use least-privileged accounts.
* Tie authentication to authorization on the same tier.
* Consider granularity of access.
* Enforce separation of privileges.
* Use multiple gatekeepers.
* Secure system resources against system identities.
Configuration Management * Use access control lists (ACLs).
* Encrypt sensitive sections of configuration files.
* Use secure settings for various operations of Web services using configuration files.
Exception Management * Use structured exception handling (by using try/catch blocks).
* Catch and wrap exceptions only if the operation adds value/information.
* Do not reveal sensitive system or application information.
* Implement a global exception handler.
* Do not log private data such as passwords.
Impersonation/Delegation * Use Using statement to automatically revert impersonation.
* Granularly impersonate only those operations that need it.
Message Encryption * Use message security or transport security to encrypt your messages.
* Use proven platform-provided cryptography.
* Periodically change your keys.
Message Replay Detection * Use any platform-provided replay detection features.
* Consider creating custom code if the platform does not provide a detection mechanism.
Message Signing * Turn on message or transport security.
Message Validation * Do not trust client input.
* Validate input: length, range, format, and type.
* Validate XML streams.
* Constrain, reject, and sanitize input.
* Encode output.
* Restrict the size, length, and depth of parsed XML messages.
Sensitive Data * Do not store secrets in software.
* Encrypt sensitive data over the network.
* Secure the channel.
* Encrypt sensitive data in configuration files.
Session Management * Partition the site by anonymous, identified, and authenticated users.
* Reduce session timeouts.
* Avoid storing sensitive data in session stores.
* Secure the channel to the session store.
* Authenticate and authorize access to the session store.

Last edited May 24, 2010 at 11:03 PM by paulenfield, version 1

Comments

No comments yet.