Page 1092 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
services to internet users. Firewalls and other security devices typically contain rules allowing web traffic to pass through to web servers unfettered. The applications running on web servers are complex and often have privileged access to underlying databases. Attackers often try to exploit these circumstances using Structured Query Language (SQL) injection and other attacks that target flaws in the security design of web applications.
You’ll find complete coverage of SQL injection attacks, cross-site scripting (XSS), cross-site request forgery (XSRF), and other web application vulnerabilities in Chapter 21, “Malicious Code and Application Attacks.”
Web vulnerability scanners are special-purpose tools that scour web applications for known vulnerabilities. They play an important role in any security testing program because they may discover flaws not visible to network vulnerability scanners. When an administrator runs a web application scan, the tool probes the web application using automated techniques that manipulate inputs and other parameters to identify web vulnerabilities. The tool then provides a report of its findings, often including suggested vulnerability remediation techniques. Figure 15.5 shows an example of a web vulnerability scan performed using the Nessus vulnerability scanning tool. This scan ran against the web application running on the same server as the network discovery scan in Figure 15.1 and the network vulnerability scan in Figure 15.4. As you read through the scan report in Figure 15.5, notice that it detected vulnerabilities that did not show up in the network vulnerability scan.
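The two ideas on this page, a web application that builds SQL from user input and a scanner that manipulates inputs to see how the application reacts, fit in one small simulation. The following is an added example written for this guide, not code from the book or from Nessus: it builds a constructed in-memory SQLite table, exposes the same lookup twice (once by string concatenation, once with a bound parameter), and runs a simplified probe loop of the kind a web vulnerability scanner automates. The probe loop compares each manipulated input against a baseline request and reports two things a real scanner also looks for: a database error leaking through, or more rows coming back than the baseline returned. The names `lookup_vulnerable`, `lookup_parameterized` and `probe_handler` are this example's own.

```python
import sqlite3

# Constructed sample data for the example; not taken from any real application.
SAMPLE_USERS = [("alice", "admin"), ("bob", "user"), ("carol", "user")]


def make_db():
    """Create an in-memory database with a small users table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, role TEXT)")
    conn.executemany("INSERT INTO users (username, role) VALUES (?, ?)", SAMPLE_USERS)
    return conn


def lookup_vulnerable(conn, username):
    """Builds the query by concatenation: the input becomes part of the SQL text."""
    sql = "SELECT username, role FROM users WHERE username = '" + username + "'"
    return conn.execute(sql).fetchall()


def lookup_parameterized(conn, username):
    """Hardened form: the input is bound as a value and can never change the SQL."""
    sql = "SELECT username, role FROM users WHERE username = ?"
    return conn.execute(sql, (username,)).fetchall()


# Inputs a scanner would send: a known-good baseline, then manipulated variants
# (a stray quote, and a tautology appended after a quote). Constructed for the example.
BASELINE_INPUT = "bob"
MANIPULATED_INPUTS = ["bob'", "bob' OR '1'='1"]


def probe_handler(conn, handler):
    """Simplified scanner step: compare each manipulated input against the baseline.

    Returns a list of (finding_type, input_sent, detail) tuples. An empty list
    means the handler behaved the same way for every probe.
    """
    baseline_rows = handler(conn, BASELINE_INPUT)
    findings = []
    for probe in MANIPULATED_INPUTS:
        try:
            rows = handler(conn, probe)
        except sqlite3.Error as exc:
            # A database error surfacing from user input is itself a finding.
            findings.append(("sql-error", probe, str(exc)))
            continue
        if len(rows) > len(baseline_rows):
            # Returning rows the baseline did not return means the input altered the query.
            findings.append(("extra-rows", probe, len(rows)))
    return findings


def scan_report(conn):
    """Run both handlers and return a report dict keyed by handler name."""
    return {
        "lookup_vulnerable": probe_handler(conn, lookup_vulnerable),
        "lookup_parameterized": probe_handler(conn, lookup_parameterized),
    }


if __name__ == "__main__":
    db = make_db()
    for name, findings in scan_report(db).items():
        status = "no findings" if not findings else f"{len(findings)} finding(s)"
        print(f"{name}: {status}")
        for kind, sent, detail in findings:
            print(f"  {kind}: input={sent!r} detail={detail!r}")
```

Running it prints two findings for the concatenating handler (an SQL error for the stray quote and three rows instead of one for the tautology) and none for the parameterized handler. The remediation the report would suggest is exactly the second handler: bind user input as a parameter rather than splicing it into the query text, and do so everywhere, since a scanner only finds the injection points it happens to probe.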