|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Beware websites with search facilities. Beware websites that use passwords and database driven content. Some of these websites, even ones you trust, have been compromised and are attacking your workstations.
"SQL injection is a technique that exploits a
security vulnerability occurring in the database layer of an application.
The vulnerability is present when user input is either incorrectly filtered
for string literal escape characters embedded in SQL statements or user
input is not strongly typed and thereby unexpectedly executed. It is in fact
an instance of a more general class of vulnerabilities that can occur
whenever one programming or scripting language is embedded inside another."
In
other words, a website developer has used a SQL database to deliver the
content you want to view. A Malware or Exploit has allowed someone to type
into the search boxes (or other boxes) strings of text that the database was
not expecting and causes it to miss behave and possibly cause it to inject
Malware onto it's host server. Most often, the attacker gets to load their
own programs into the web servers filesystem and gets these programs to run
automatically and then look for people to attack. You as the visitor then
come to the website, type in your search query and for your trouble,
something downloads and infects your PC. This infection is allowed
through your firewall as it appears to be requested by you and a firewall
always lets through what you request. Your
antivirus is then likely compromised and nothing can see the infection. This
normally means there is nothing to protect you except your surfing habits. This is not something you can fix at
your end. Web masters and programmers need to be smarter about the way they
design their websites. You can certainly be restrained and only visit
specific websites you trust but this is a moving target. Through Malvertisements
(See my Malware Glossary) and SQL Injections,
various numbers of trusted websites have recently been attacked. This has
included everything from Government sites, footing tipping and even charity
websites. As examples: whitepages.com.au yellowpages.com.au Oher Sensis websites Various law firms
cpe.sa.gov.au
AOL
Unicef From the above
list, you might stay away from AOL sites but many people have ninemsn as
their default page. Lots of people use Whitepages to look up phone numbers!
How can you protect yourself if these things get through and avoid firewalls
and the like ? At this point in
time, you can't. You need to be an alarmist and if something on your PC does
not look or feel right after beig on the internet, you need to tell someone.
( ) |
|
|
|
|
|
|
