Do you think the statement ‘If we adhere to our secure design principles, we will deliver secure code’ is both necessary and suf

PROG8270 Winter 2019 – Assignment 3

Recall our network environment:

Domain Controllers:  Primary A/D Domain Controller: Server 2016,  Backup Domain Controller: Windows server 2012 R2

Email:  Exchange 2013 CU20 running on Windows Server 2012R2 updated April 1/2018.

Web server:  Linux Ubuntu Server 16.04 LTS updated Aug 1/2018. Apache 2.4.34 is being used

Clients:  60 auto-updated (current to 1/1/2019) Windows 10 PRO (developers),  30 Windows 7 PRO, last updated 1-Sept-2018, running a stock/common configuration.  10 sys admins run Ubuntu 18 Desktop, patched to current, but use VMware Workstation 12 for their

sysadmin tasks. The virtual machines may include Windows 7 sp1, Windows 8, Windows 8.1, Server 2012, Server 2012R2, Server 2016, and Server 2019.

Border firewall:  hardened Linux:

o outbound: all TCP/UDP ports allowed, o inbound: TCP80 to webserver, TCP443 to Exchange OWA, TCP25 to Exchange 2013 server.

Network:  There are no network access controls – all the computers are situated on a flat, Class-C network. The

Windows clients have default security settings.  100Mbit switched ethernet

Security Services:  There is no central SPAM server nor is there a centralized Anti-Virus system in place.

User accounts and restrictions:  All users are Domain users and each domain user is a local machine administrator on their primary

machine (but on no other).  All of the sys-admins know the domain Admin password and share access as required.

A simplified network diagram is shown:

This study source was downloaded by 100000816719754 from CourseHero.com on 03-11-2022 12:05:55 GMT -06:00

https://www.coursehero.com/file/52413454/PROG8270-Assignment-3docx/

In the time since reviewing that last vulnerability, the organization has implemented some changes to the network with the goal being improved security. The network now looks like this:

The network architects now have all the client machines browsing the Internet through a proxy server (red arrow #4). They have also created 2 DMZ zones. When Internet users attempt to browse to the webserver (red arrow #1), their network traffic passes through the border firewall (as before). Should the Internet user initiate some type of dynamic web request (list or search catalog, purchase, check open orders, etc.), the web server accesses the application and database servers through the firewall (red arrow #2). Internal users, including database analysts, will access both the application and database servers through the firewall (red arrow #3).

Now the system architects would like to add a web-based application to the Linux server (still running Linux Ubuntu Server 16.04 LTS with Apache 2.4.34). The application is based on phpBB version 2.0.19. The company plans to add TCP443 incoming (on a different external address) to the existing TCP80 into the Linux server, terminating at this new application.

A co-worker of yours has reviewed the source code of the new application and has sent you a *sampling* of the findings she discovered:

This study source was downloaded by 100000816719754 from CourseHero.com on 03-11-2022 12:05:55 GMT -06:00

https://www.coursehero.com/file/52413454/PROG8270-Assignment-3docx/

Emailer.php

The file emailer.php passes an unvalidated filename to a dynamic include statement on line 202. Allowing unvalidated user input to control files that are included dynamically in PHP can lead to malicious code execution.

Db2.php

Line 127 of db2.php invokes a SQL query built using unvalidated input. This call could allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.

template.php

Attackers can control the filesystem path argument to file() at template.php line 265, which allows them to access or modify otherwise protected files.

This study source was downloaded by 100000816719754 from CourseHero.com on 03-11-2022 12:05:55 GMT -06:00

https://www.coursehero.com/file/52413454/PROG8270-Assignment-3docx/

Admin_styles.php

Line 783 of admin_styles.php sends unvalidated data to a web browser, which can result in the browser executing malicious code.

emailer.php

The file emailer.php interprets unvalidated user input as source code on line 151. Interpreting user- controlled instructions at run-time can allow attackers to execute malicious code.

Admin_users.ph p

Empty passwords can compromise system security in a way that cannot be easily remedied.

This study source was downloaded by 100000816719754 from CourseHero.com on 03-11-2022 12:05:55 GMT -06:00

https://www.coursehero.com/file/52413454/PROG8270-Assignment-3docx/

common.php

The program might review system data or debugging information in common.php with a call to error_reporting() on line 28. The information revealed by error_reporting() could help an adversary form a plan of attack.

Your task is complete a technical risk assessment on this proposal.

Remember, it is not your job to implement solutions to any problems you might identify. Rather, it’s your job to offer suggestions (possibly additional technologies, configurations, or changes to code) that would likely reduce the risks (to the organization) that will result from building this solution as planned.

There will be notable findings in the infrastructure/platform configs, the network topology and configuration, and the software configuration. The Internet will be a valuable resource also for additional vulnerabilities, issues, and recommendations.

It is recommended that you follow the layout described in the risk assessment report template, but other styles or layouts will be accepted.

Marking Rubric:

Risk Assessment Report: Technical Accuracy 40% Technical Completeness 40% Layout and style 10% Use of effective/professional written English (see course outline, section “Essential Employability Skills”)

10%

Standard deductions:

 5% for not having name and assignment # in your Word document  10% for zipping submission  Regular late submission penalty (see Instructional Plan)

This study source was downloaded by 100000816719754 from CourseHero.com on 03-11-2022 12:05:55 GMT -06:00

https://www.coursehero.com/file/52413454/PROG8270-Assignment-3docx/ Powered by TCPDF (www.tcpdf.org)