An area often overlooked in application development is ensuring the security of network traffic. While encryption (such as SSL) is required for all authenticated connections, including web pages and backend connections, an insufficient understanding of the specifications and implementation details can produce insecure deployments.
The principal weakness of the transport layer is the ability of attackers to monitor network traffic, where they could discover such vulnerabilities as:
- Unsecured backend connections.
- The usage of improperly configured or expired certificates.
- SSL/TLS is used only during account authentication.
- Data and session IDs are able to be intercepted.
- The use of outdated or weak ciphers.
These vulnerabilities could lead to the exposure of users’ data, the promotion of phishing attacks, or even the possibility of interception, injection or redirection.
To determine how vulnerable an application may be, consider these questions:
- Is SSL used to protect all traffic related to authentication?
- Is SSL used for all resources on all private pages and services?
- Is there certainty that only strong algorithms are in use?
- Is the ‘secure’ flag set on session cookies?
- Are legitimate server certificates in use and configured properly?
- Are certificates issued from an authorized source?
- Are any server certificates in use expired?
- Are server certificates correct for the domains that use them?
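Several of these questions can be checked mechanically. The following is an added example, not part of the original article: it audits one observed connection for an expired certificate, a hostname mismatch, an outdated protocol or weak cipher, and session cookies missing the ‘secure’ flag. The function names, the weak protocol and cipher lists, and the sample observations are assumptions made for illustration; issuer trust and revocation status are not covered here.

```python
import ssl
from datetime import datetime, timezone
from http.cookies import SimpleCookie

WEAK_PROTOCOLS = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1"}      # illustrative policy
WEAK_CIPHER_MARKERS = ("RC4", "DES", "NULL", "EXP", "MD5")   # illustrative policy

def name_matches(hostname, pattern):
    """Simplified match: exact labels, or '*' as the whole leftmost label."""
    host, pat = hostname.lower().split("."), pattern.lower().split(".")
    return len(host) == len(pat) and pat[0] in ("*", host[0]) and host[1:] == pat[1:]

def audit_transport(hostname, cert, protocol, cipher, set_cookie, now):
    """Return findings for one observed connection (inputs shaped like
    getpeercert(), version(), cipher()[0] and raw Set-Cookie header values)."""
    findings = []
    expires = datetime.fromtimestamp(ssl.cert_time_to_seconds(cert["notAfter"]), timezone.utc)
    if expires <= now:
        findings.append("certificate expired")
    dns_names = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if not any(name_matches(hostname, n) for n in dns_names):
        findings.append("certificate does not match " + hostname)
    if protocol in WEAK_PROTOCOLS:
        findings.append("outdated protocol " + protocol)
    if any(marker in cipher.upper() for marker in WEAK_CIPHER_MARKERS):
        findings.append("weak cipher " + cipher)
    for header in set_cookie:
        jar = SimpleCookie()
        jar.load(header)
        for name, morsel in jar.items():
            if not morsel["secure"]:  # "" when the flag is absent, True when set
                findings.append("cookie " + name + " lacks the secure flag")
    return findings

# Constructed sample observations (not captured from a real server).
NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)
BAD = dict(hostname="app.example.test",
           cert={"notAfter": "Jan  1 00:00:00 2020 GMT",
                 "subjectAltName": (("DNS", "www.example.test"),)},
           protocol="TLSv1", cipher="RC4-SHA",
           set_cookie=["SESSIONID=abc123; Path=/; HttpOnly"])
GOOD = dict(hostname="app.example.test",
            cert={"notAfter": "Jan  1 00:00:00 2030 GMT",
                  "subjectAltName": (("DNS", "*.example.test"),)},
            protocol="TLSv1.3", cipher="TLS_AES_256_GCM_SHA384",
            set_cookie=["SESSIONID=abc123; Path=/; Secure; HttpOnly"])

if __name__ == "__main__":
    for label, obs in (("BAD", BAD), ("GOOD", GOOD)):
        print(label, audit_transport(now=NOW, **obs))
```
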
The best methods to prevent transport layer vulnerabilities include:
- Implementing SSL for the entire site.
- Setting the ‘secure’ flag on all sensitive cookies.
- Using strong SSL algorithms, such as those that are FIPS 140-2 compliant.
- Ensuring that a server certificate is valid, is not expired, is not revoked, and that it correctly matches all domains for which it is used.
- Certifying that backend and other connections also use SSL or other encryption mechanisms.
By ensuring the implementation of these standards, you can rest assured knowing that your application data is protected from unauthorized disclosure and modification during transmission.
For more information, see