● Internet is the physical set of networks providing many services
● World Wide Web is a set of applications running on top of the Internet
● Majority of Internet attacks aimed at Web applications
● Simple Mail Transfer Protocol (SMTP)
○ Used to send Internet mail
● Post Office Protocol 3 (POP3) and Internet Message Access Protocol (IMAP)
○ Used to retrieve Internet mail
● Protocols operate within Application layer of the OSI reference model
● SMTP TCP/UDP Port 25
● POP3 TCP/UDP Port 110
● IMAP TCP/UDP Port 143
● SSH TCP/-- Port 22
● An open mail relay is an SMTP server configured in such a way that it allows anyone on
the Internet to send email through it, not just mail destined to or originating from known users.
● Mail bombing
○ E-mail-based denial-of-service attack: sending a massive amount of e-mail to
a specific person or system.
● SMTP, POP and IMAP security solutions:
○ Restrict mail relayed on the email server
○ Test server configuration to be sure it is not set up as open relay
○ Use real-time blacklisting
○ Authenticate on POP before allowing mail sent through SMTP server
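Added example (not part of the original notes): a small Python model of the relay decision an SMTP server makes at RCPT TO, with two weak policies beside a restricted one, and the open-relay test run against each. The class, function names, domains and addresses are constructed for illustration and are not any real mail server's configuration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass
class RelayPolicy:
    local_domains: frozenset           # domains this server accepts mail for
    trusted_networks: tuple            # CIDR ranges allowed to relay without auth
    trust_sender_domain: bool = False  # weak: relay if MAIL FROM claims a local domain

def domain_of(address):
    return address.rsplit("@", 1)[-1].lower()

def rcpt_reply(policy, client_ip, authenticated, mail_from, rcpt_to):
    """Return the SMTP reply code this policy gives to RCPT TO."""
    if domain_of(rcpt_to) in policy.local_domains:
        return 250                     # inbound mail for a local recipient domain
    if authenticated:
        return 250                     # known user, proven by authentication
    if any(ip_address(client_ip) in ip_network(net) for net in policy.trusted_networks):
        return 250                     # client sits on an internal network
    if policy.trust_sender_domain and domain_of(mail_from) in policy.local_domains:
        return 250                     # MAIL FROM is unverified, anyone can claim it
    return 550                         # relaying denied

# Constructed probes: unauthenticated client on an outside (documentation) address.
PROBES = {
    "external sender to external recipient": ("probe@example.org", "probe@example.net"),
    "forged local sender to external recipient": ("ceo@corp.example", "probe@example.net"),
}

def open_relay_findings(policy, outside_ip="203.0.113.10"):
    """Names of the probes the policy would relay; empty list means not an open relay."""
    return [name for name, (sender, rcpt) in PROBES.items()
            if rcpt_reply(policy, outside_ip, False, sender, rcpt) == 250]

LOCAL = frozenset({"corp.example"})
wide_open = RelayPolicy(LOCAL, ("0.0.0.0/0",))   # weak: every IPv4 client is "trusted"
sender_trusting = RelayPolicy(LOCAL, ("192.0.2.0/24",), trust_sender_domain=True)
restricted = RelayPolicy(LOCAL, ("192.0.2.0/24",))

if __name__ == "__main__":
    for label, policy in [("wide_open", wide_open),
                          ("sender_trusting", sender_trusting),
                          ("restricted", restricted)]:
        print(label, open_relay_findings(policy))
```

The second probe matters because the sender address in MAIL FROM is not verified: a policy that relays for anything "originating from" a local domain is still an open relay unless the sender is authenticated.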
● File Transfer Protocol (FTP)
○ Simple method of transferring files between computer systems
○ Operates in the Application layer of the OSI reference model
○ Requires two TCP ports for communications
■ Command port and data port
● Trivial File Transfer Protocol (TFTP)
○ Used to transfer data files
○ Fewer features than FTP
○ Uses only one port
○ Used most often on network appliances
■ To transfer configuration files, backups, and boot files
○ Best option is to avoid the use of TFTP and FTP
○ Use encryption and authentication
○ Avoid anonymous FTP
● Telnet:
○ Application-layer protocol for remote computer connection.
○ Users remotely access a shell to run programs and perform actions.
○ Vulnerable to attacks due to:
■ Misconfigured servers.
■ Unencrypted traffic over the network.
■ Allows sniffers to monitor sessions.
● Telnet Security Solutions:
○ Best practice: Avoid using Telnet.
○ Use Secure Shell (SSH) or other encrypted tools instead.
○ Enforce strong passwords and appropriate user rights.
○ Limit server exposure to the Internet.
○ Require external users to connect via VPN.
● Secure Shell (SSH):
○ Establishes a secure channel between systems.
○ More secure than Telnet for remote logins.
○ Widely used in electronic commerce.
○ Utilizes public key encryption for session establishment.