
previous page: 50  How do I make RealAudio work through my firewall?
  
page up: Firewalls FAQ
  
next page: 52  But my database has an integrated web server, and I want to use that. Can't I just poke a hole in the firewall and tunnel that port?

51 How do I make my web server act as a front-end for a database that lives on my private network?

Description

This article is from the Firewalls FAQ, by Matt Curtin cmcurtin@interhack.net and Marcus J. Ranum mjr@nfr.com with numerous contributions by others.

The best way to do this is to allow very limited connectivity between your
web server and your database server via a specific protocol that only
supports the level of functionality you're going to use. Allowing raw SQL,
or anything else that lets an attacker perform arbitrary extractions of
their own, isn't generally a good idea.

Assume that an attacker is going to be able to break into your web server,
and make queries in the same way that the web server can. Is there a
mechanism for extracting sensitive information that the web server doesn't
need, like credit card information? Can an attacker issue an SQL select and
extract your entire proprietary database?

"E-commerce" applications, like everything else, are best designed with
security in mind from the ground up, instead of having security "added" as
an afterthought. Review your architecture critically, from the perspective
of an attacker. Assume that the attacker knows everything about your
architecture. Now ask yourself what needs to be done to steal your data, to
make unauthorized changes, or to do anything else that you don't want done.
You might find that you can significantly increase security without
decreasing functionality by making a few design and implementation
decisions.

Some ideas for how to handle this:

* Extract the data you need from the database on a regular basis so
you're not making queries against the full database, complete with
information that attackers will find interesting.
* Greatly restrict and audit what you do allow between the web server and
database.
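The following Python program is an added illustration, not part of the FAQ, of how both suggestions fit together: the web tier talks to a small front-end that accepts only named, parameterised operations, those operations run against a separate extract that carries just the columns the web application needs (so a card number stored in the internal table is simply not reachable), and every request, allowed or refused, is recorded for audit. The table layout, sample rows, operation names and the `DatabaseFrontEnd` class are all constructed for this example; it uses in-memory sqlite3 so it runs offline.

```python
"""Narrow, audited database front-end (added example, not from the FAQ).

The internal database is never exposed. A periodic 'refresh' copies only the
needed columns into an extract, and the web tier may call only the named
operations listed in ALLOWED_OPERATIONS against that extract.
"""
import logging
import sqlite3
from typing import Any

log = logging.getLogger("db_frontend")

# Constructed sample data: the internal table holds a card number that the
# web server has no business seeing.
FULL_SCHEMA = """
CREATE TABLE customers (
    id          INTEGER PRIMARY KEY,
    name        TEXT NOT NULL,
    email       TEXT NOT NULL,
    card_number TEXT NOT NULL
);
"""
SAMPLE_ROWS = [
    (1, "Alice", "alice@example.com", "4111111111111111"),  # constructed
    (2, "Bob", "bob@example.com", "5555555555554444"),      # constructed
]

# The only operations the web tier may invoke. Each maps to exactly one
# parameterised statement; callers never supply SQL text.
ALLOWED_OPERATIONS = {
    "customer_by_id": "SELECT id, name, email FROM customers_extract WHERE id = ?",
    "customer_count": "SELECT COUNT(*) FROM customers_extract",
}


def build_internal_db() -> sqlite3.Connection:
    """Create the private-network database with the full (sensitive) table."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(FULL_SCHEMA)
    conn.executemany("INSERT INTO customers VALUES (?, ?, ?, ?)", SAMPLE_ROWS)
    conn.commit()
    return conn


def refresh_extract(internal: sqlite3.Connection) -> sqlite3.Connection:
    """Copy only the needed columns into a separate database for the web tier.

    This is the FAQ's 'extract the data you need on a regular basis': the
    extract has no card_number column and no 'customers' table at all.
    """
    extract = sqlite3.connect(":memory:")
    extract.execute(
        "CREATE TABLE customers_extract (id INTEGER PRIMARY KEY, name TEXT, email TEXT)"
    )
    rows = internal.execute("SELECT id, name, email FROM customers").fetchall()
    extract.executemany("INSERT INTO customers_extract VALUES (?, ?, ?)", rows)
    extract.commit()
    return extract


def has_column(conn: sqlite3.Connection, table: str, column: str) -> bool:
    """True if `table` in this database exposes `column` (used to verify the extract)."""
    try:
        cols = [row[1] for row in conn.execute(f"PRAGMA table_info({table})")]
    except sqlite3.DatabaseError:
        return False
    return column in cols


class DatabaseFrontEnd:
    """Restricts the web tier to named operations and audits each request."""

    def __init__(self, extract: sqlite3.Connection) -> None:
        self._db = extract
        self.audit_log: list[dict[str, Any]] = []

    def query(self, operation: str, params: tuple = ()) -> list[tuple]:
        """Run one allowed operation; refuse and record anything else."""
        if operation not in ALLOWED_OPERATIONS:
            self.audit_log.append({"op": operation, "params": params, "allowed": False})
            log.warning("refused operation %r", operation)
            raise PermissionError(f"operation not allowed: {operation}")
        sql = ALLOWED_OPERATIONS[operation]
        # sqlite3 raises ProgrammingError on a binding-count mismatch, so extra
        # or missing parameters cannot alter which statement runs.
        rows = self._db.execute(sql, params).fetchall()
        self.audit_log.append(
            {"op": operation, "params": params, "allowed": True, "rows": len(rows)}
        )
        log.info("op=%s params=%r rows=%d", operation, params, len(rows))
        return rows


if __name__ == "__main__":
    logging.basicConfig(level=logging.INFO)
    front = DatabaseFrontEnd(refresh_extract(build_internal_db()))
    print(front.query("customer_by_id", (1,)))
    print(front.query("customer_count"))
```

The point of the split is that a compromise of the web server yields at most what `ALLOWED_OPERATIONS` can return from the extract; a request for any other statement is refused and logged, and the sensitive column is absent from the only database the web tier can reach.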
