Website defacement is the technique of changing the appearance of a website or a webpage. This is generally done willfully by hackers or crackers who wish to challenge the website owner or disrupt his business. Most of the intrusion detection/prevention systems share the same problem of delayed attack detection. One of the better techniques would be ensure that hacked and defaced pages are not published on the net. In this technique the aim is not to prevent hacking but to assure that the hacked pages are never published to the outside world thus frustrating the intentions of a denial of service attacker. URTechnologies (URTECH), an emerging IT security solution provider in India, has a unique solution which, to our knowledge, is the only one of its kind as a protective measure against denial of service attacks. This hardware tool, known as WEBGUARD, works on cryptographic techniques and guarantees protection against website defacement. Working Principle The basic principle entails the usage of cryptographic techniques to automatically detect the website defacement, thus preventing delivery of hacked pages. Cryptographic techniques protect the integrity of both static and dynamic content such as CGIs, ASPs, Java Servlets, and Images etc of every outgoing web page. Security is guaranteed through use of dedicated, network transparent hardware tool which verifies the content in Real Time constantly and consistently. Thus, Webgaurd works as a data integrity tool. The three modes of operation are as follows: 1. Proxy: The webguard acts like a forward proxy and doesn’t process any request. This is essentially used to bypass webguard quickly during maintenance, and till an alternate webguard is fielded the contents are not protected. 2. Strict Mode: Webguard verifies the integrity of the fetched page. If integrity fails, error message will be sent to the client or else normal pages are served. Simultaneously alerting will also take place in case of hacking. 3. Cache: Same as the Strict mode except when the integrity fails, cached content will be sent to the client. In case of cache hit, error message will be sent to the client. Integrity verified normal pages will be cached during regular access to the pages. Mail/sms alert will be sent to the administrator in case of hack. With no IP address, Webguard remains hidden in the network and protects the data in the DMZ zone even from zero day hacks. Webguard preserves the sanctity of the defaced static and dynamic pages by “replacing them in real time” with cached ones that have been constantly and concurrently updated in tune with changes made by the Administrator. Thus, hacked pages are never exposed to the outside world. Concurrently alerts are sent to the admin by way of Email and sms. Unlike other software options, Webguard is a one-time buy and is reasonably priced with complete ease of customization. Tested and certified by CERT-IN, Webguard is currently being commercialized by URTECH in association with KBCRF, in partnership with the Anna University – KB Chandrasekhar Research Centre (AU-KBC) of Anna University at Chennai in India. For more detailed features of WEBGUARD, visit http://www.urtechnologies.net/products-services/webguard.html or contact info@urtechnologies.net.
Related Articles -
Website, Defacement, Prevention,
|