Posts Tagged ‘Security’

Today I faced a spyware attack on my machine, and it totally controlled my machine: I couldn’t run any exe-based program such as browsers, installers, Visual Studio, cmd, etc.

I struggled for some time and finally resolved it by doing the following steps …

I tried to notice which process was running whenever I ran any exe-based program, and I found it was nuk.exe. I found the exe’s location through the process properties in Task Manager and then killed all nuk.exe-based processes. Later I renamed nuk.exe to nuk.exe.txt to stop it from running whenever I opened any exe-based program. Later I deleted it.

After that I installed the following spyware trial-version software (Webroot SecureAnywhere) from Webroot, scanned the PC and removed the threats.

http://www.webroot.com/En_US/sites/bbi/sem-wsaav-fp/?semcid=BTC_US_Non-Branded+Antispyware-Spyware+Remover-spyware%20removal%20tools

After that I installed Advanced SystemCare Free and cleaned up malware, the registry, shortcuts, history and junk files.

http://pcsupport.about.com/od/toolsofthetrade/tp/free-registry-cleaner-programs.htm

IIS 6.0 Resource Kit – contains a utility called SelfSSL.exe for instantly creating and installing a self-signed testing certificate into IIS. The tool is intended for IIS 6.0, but it also works on IIS 5.1 and is simple to use. Because the certificate is self-signed, browsers will not trust it by default; it is meant for development and test machines, not for anything users connect to.

  • Download the IIS 6.0 Resource Kit Tools.
  • Install the resource kit (requires Windows Server 2003 or Windows XP).
  • From the Windows Start Menu, go to the “\Programs\IIS Resources\SelfSSL” folder and select “SelfSSL”.
  • A command prompt opens showing the tool’s usage text. Typing “selfssl” runs it with the defaults: the common name is the computer name, the certificate is valid for 7 days, and it is installed on site 1 (Default Web Site) on port 443. To get a certificate whose name matches https://localhost/ and that lasts long enough to be useful, run “selfssl /N:cn=localhost /V:365” instead. The /T switch additionally puts the certificate into the machine’s Trusted Root store so the local browser stops warning; only do that on a throwaway test box, since it makes the box trust whatever that private key signs.
  • Type “y” to confirm overwriting/installing the certificate on the given site.
  • Test that it worked by visiting https://localhost/. Without /T the browser will still warn about an untrusted issuer; that is expected for a self-signed certificate.

References

Step-by-step setup instructions – http://www.visualwin.com/SelfSSL/

Resource kit download – http://www.microsoft.com/download/en/details.aspx?DisplayLang=en&id=17275

Book related to the resource kit – http://www.addall.com/New/BestSeller.cgi?isbn=0735614202&dispCurr=USD

The following link has simple, good information about how authentication and authorization can be done for web pages and web services in intranet and Internet environments using IIS and Web.config …

http://www.15seconds.com/issue/020312.htm

Brief summary of the above link (follow the link for the step-by-step walkthrough …)

Authentication

  • Windows authentication
    • Integrated Windows authentication – the password itself never crosses the wire. The client proves it knows the credentials by answering a server challenge with a value derived from the password hash (NTLM) or by presenting a Kerberos ticket. It suits intranets where clients have domain accounts; it generally does not work through HTTP proxies or from non-Windows clients.
    • Basic and Basic with SSL authentication – the client sends the user ID and password on every request, only Base64-encoded, not encrypted or hashed. Anyone who can capture the request can decode them, so Basic on its own is not secure. Basic over SSL is acceptable because SSL encrypts the whole request, credentials included.
    • Digest authentication – available from Windows 2000 and IE5 onward. Instead of the password, the client sends an MD5 hash of the credentials combined with a nonce supplied by the server (MD5 is a hash, not encryption, so the server cannot recover the password from it, but an attacker can still try to brute-force the captured hash offline). Digest protects only the password, not the rest of the traffic, so it is not a substitute for SSL.
    • Client Certificate authentication – there are two kinds of certificates: server certificates and client certificates. A server certificate lets the client verify the identity of the server and decide to trust it; a client certificate, issued by a CA the server trusts, lets the server verify the identity of the client. IIS can map a client certificate to a Windows account.
  • Forms authentication – ASP.NET redirects unauthenticated users to a login page configured in Web.config, which in turn authenticates the user by checking the provided user ID and password against a user database and then issues an authentication cookie. From then on the cookie is the credential, so the login page and the cookie both need SSL.
  • Passport authentication – Passport, a centralized service run by Microsoft, offered a single logon point for clients; unauthenticated users were redirected to the Passport site. As with Forms authentication, this redirection causes problems for clients (web service callers in particular) unless they are programmed to handle it. Passport has since been retired, and the ASP.NET Passport provider with it, so this option is historical.
  • None or Custom authentication – of all the methods above, only Forms and Passport work without Windows accounts; the others need a Windows account for every user. Creating and maintaining Windows accounts for a web application becomes a problem when scaling out to more web servers, because all the accounts and permissions have to be duplicated on every server.

There are some ways to provide custom authentication for our web services, for example –

  1. Accept a username and password as parameters on every method call. Simple, but the password then travels on every request, so the service must be SSL-only and every method has to repeat the check.
  2. Provide a logon method for clients to call before any other business method. The logon method verifies the credentials and issues a key (token) that the client presents on later calls. The key must be generated from a cryptographic random source, be long enough to be unguessable, and expire; it is the credential from then on.
  3. Pass the authentication information in SOAP headers rather than in method signatures, so business methods stay clean and one piece of code on the server validates every call. The header is still plain text inside the SOAP envelope, so it needs SSL (or message-level encryption) just like the body.

Authorization

  • Windows NTFS file authorization – IIS impersonates the authenticated Windows user, and the NTFS ACL (Access Control List) on the requested file decides whether the request is allowed. This only works with the Windows-account-based authentication methods above.
  • ASP.NET URL authorization – access to web page or service URLs is granted or denied per user, role and HTTP verb by the <authorization> allow/deny rules defined in Web.config. Rules are evaluated top to bottom and the first match wins, so a final deny for anonymous users (“?”) or everyone (“*”) is what closes the door.

More advanced ideas …

To protect a SOAP header that carries sensitive information such as a user ID and password, you can write a SoapExtension that intercepts the SOAP message and encrypts it on the client side and decrypts it on the server side, using the SoapExtension class and its ChainStream, GetInitializer, Initialize and ProcessMessage methods. Keep in mind that this is hand-rolled message encryption: it protects only the parts you wrap and leaves key management to you. Running the service over SSL (or using WS-Security) is the simpler and safer default, with the extension as an extra layer if you need end-to-end protection past the transport. Refer to the link below for the step-by-step walkthrough ..

http://www.c-sharpcorner.com/UploadFile/sovonnath/SOAPHeaderandSOAPExtensionsinaWebService11162005021034AM/SOAPHeaderandSOAPExtensionsinaWebService.aspx
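As an added example that is not code from this page or from the linked articles, here is an ASMX web service in C# that combines custom-authentication options 2 and 3 from the list above: a Login method that verifies the credentials once and issues a random session key, and business methods that require that key in a SOAP header instead of taking a user ID and password as parameters. The service name, namespace, the in-memory session table and the fixed demo account in CheckCredentials are assumptions made for the demo. The header still travels in clear text inside the SOAP envelope, so the Login call (which carries the password) and every later call (which carries the key) need SSL on the wire, or the SoapExtension approach described above.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Text;
using System.Web.Services;
using System.Web.Services.Protocols;

// SOAP header that carries the session key issued by Login (option 3).
public class AuthHeader : SoapHeader
{
    public string Token;
}

// Namespace and class name are placeholders for this demo.
[WebService(Namespace = "http://example.invalid/authdemo")]
public class AccountService : WebService
{
    // ASMX fills this from the incoming AuthHeader for methods marked [SoapHeader("Auth")].
    public AuthHeader Auth;

    private class Session
    {
        public string User;
        public DateTime Expires;
    }

    // Demo-only in-memory session table (token -> session). A real deployment needs a shared
    // store so keys survive application recycles and work across a web farm.
    private static readonly Dictionary<string, Session> Sessions = new Dictionary<string, Session>();
    private static readonly object SessionLock = new object();
    private static readonly TimeSpan SessionLifetime = TimeSpan.FromMinutes(20);

    // Option 2: verify credentials once and hand back an unguessable key.
    // The password crosses the wire exactly here, so this call must run over SSL.
    [WebMethod]
    public string Login(string userId, string password)
    {
        if (!CheckCredentials(userId, password))
            throw new SoapException("Invalid user ID or password", SoapException.ClientFaultCode);

        // 256 bits from the OS CSPRNG. Never derive the key from the user name, the clock or
        // Guid.NewGuid(): from here on this value is the credential for every later call.
        byte[] raw = new byte[32];
        using (RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider())
        {
            rng.GetBytes(raw);
        }
        string token = Convert.ToBase64String(raw);

        lock (SessionLock)
        {
            Sessions[token] = new Session { User = userId, Expires = DateTime.UtcNow + SessionLifetime };
        }
        return token;
    }

    // Option 3: business methods carry no credentials in their signature; the key arrives in the header.
    [WebMethod]
    [SoapHeader("Auth", Direction = SoapHeaderDirection.In)]
    public string GetAccountSummary()
    {
        string user = RequireSession();
        return "account summary for " + user;   // placeholder business logic
    }

    [WebMethod]
    [SoapHeader("Auth", Direction = SoapHeaderDirection.In)]
    public void Logout()
    {
        if (Auth != null && !string.IsNullOrEmpty(Auth.Token))
        {
            lock (SessionLock) { Sessions.Remove(Auth.Token); }
        }
    }

    // Rejects missing, unknown and expired keys; expired entries are purged when seen.
    private string RequireSession()
    {
        if (Auth == null || string.IsNullOrEmpty(Auth.Token))
            throw new SoapException("Missing AuthHeader", SoapException.ClientFaultCode);

        lock (SessionLock)
        {
            Session s;
            if (!Sessions.TryGetValue(Auth.Token, out s) || s.Expires < DateTime.UtcNow)
            {
                Sessions.Remove(Auth.Token);
                throw new SoapException("Session key unknown or expired; call Login again", SoapException.ClientFaultCode);
            }
            s.Expires = DateTime.UtcNow + SessionLifetime;   // sliding expiry
            return s.User;
        }
    }

    // Stand-in credential check for the demo: one fixed account, compared byte by byte without
    // stopping at the first mismatch. Real code looks the user up in a store of salted, slow-hashed passwords.
    private static bool CheckCredentials(string userId, string password)
    {
        byte[] expected = Encoding.UTF8.GetBytes("demo\0correct horse battery staple");
        byte[] actual = Encoding.UTF8.GetBytes(userId + "\0" + password);
        if (expected.Length != actual.Length) return false;
        int diff = 0;
        for (int i = 0; i < expected.Length; i++) diff |= expected[i] ^ actual[i];
        return diff == 0;
    }
}
```

A client calls Login once, stores the returned string, and sets it as AuthHeader.Token on the proxy before every later call; GetAccountSummary and Logout then never see a password. Logout invalidates the key server-side, which a stateless "username and password on every call" design (option 1) cannot offer.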

Refer to the link below for customizing ASP.NET security and writing your own HTTP handlers and modules …

http://www.15seconds.com/issue/020417.htm

var HtmlUtil = {
    // Escape the characters that are special in HTML text and attribute values, plus
    // backslash. "&" must be handled first, otherwise the entities emitted by the later
    // replacements would themselves be re-escaped.
    HtmlEncode: function (text) {
        var encodedText = String(text).replace(/&/g, "&amp;");
        encodedText = encodedText.replace(/</g, "&lt;");
        encodedText = encodedText.replace(/>/g, "&gt;");
        encodedText = encodedText.replace(/"/g, "&quot;");
        encodedText = encodedText.replace(/'/g, "&#39;");
        encodedText = encodedText.replace(/\\/g, "&#92;");
        return encodedText;
    },
    // Reverse of HtmlEncode. "&amp;" must be decoded last, otherwise an encoded literal
    // such as "&amp;lt;" would collapse to "<" instead of "&lt;".
    HtmlDecode: function (text) {
        var decodedText = String(text).replace(/&lt;/g, "<");
        decodedText = decodedText.replace(/&gt;/g, ">");
        decodedText = decodedText.replace(/&quot;/g, "\"");
        decodedText = decodedText.replace(/&#39;/g, "'");
        decodedText = decodedText.replace(/&#92;/g, "\\");
        decodedText = decodedText.replace(/&amp;/g, "&");
        return decodedText;
    }
};