Guidelines on Securing Public Web Servers
ActiveX is a set of technologies from Microsoft that provide tools for linking desktop
applications to the WWW. ActiveX controls are reusable component program objects that can
be attached to e-mail or downloaded from a Web site. ActiveX controls also come preinstalled
on Windows platforms. Web pages invoke ActiveX controls using a scripting language or
with an HTML OBJECT tag.
The ActiveX security model is considerably different from the Java sandbox model. The Java
model restricts the permissions of applets to a set of safe actions. ActiveX, on the other hand,
places no restrictions on what a control can do. Instead, ActiveX controls are digitally signed
by their author under a technology scheme called Authenticode. The digital signatures are
verified using identity certificates issued by a trusted certificate authority to an ActiveX
software publisher. For an ActiveX publisher's certificate to be granted, the software publisher
must pledge that no harmful code will be knowingly distributed under this scheme. The
Authenticode process ensures that ActiveX controls cannot be distributed anonymously and
that tampering with the controls can be detected. This certification process, however, does not
ensure that a control will be well behaved. Thus, the ActiveX security model assigns the
responsibility for the computer system's security to the user [NIST01a].
Before the browser downloads an unsigned ActiveX control, or a control whose corresponding
publisher's certificate was issued by an unknown certifying authority, the browser presents a
dialog box warning the user that this action may not be safe. Users can choose to abort the
transfer, or may continue the transfer if they assume the source is trustworthy or they are
willing to assume the risk. Most users are probably unaware of the security implications of
their decision, which may have serious repercussions. Even when users are well informed,
attackers may trick them into approving the transfer. Because the security of ActiveX depends
on the knowledge and awareness of the end user, it can be very risky [NIST01a].
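The trust decision described in the two paragraphs above, as an added example that is not from this publication or from Microsoft's Authenticode implementation: a toy model in Go in which a CA certifies a publisher's key, the publisher signs the control, and the browser-side policy returns one of four verdicts. It substitutes Ed25519 and a one-level chain for the real X.509/PKCS#7 machinery; the CA names, publisher names, control payloads and the choice to reject (rather than merely prompt on) a signature that fails to verify are all assumptions of the example. What it makes concrete is the point in the text: a control that formats the disk verifies exactly as well as a benign one from the same publisher, because the signature attests to origin and integrity, not to behaviour.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Verdict is the browser-side decision for a control before it is loaded.
type Verdict string

const (
	Run             Verdict = "run: signature valid, publisher certificate chains to a trusted CA"
	PromptUnsigned  Verdict = "prompt user: control is unsigned"
	PromptUnknownCA Verdict = "prompt user: publisher certificate issued by an unknown CA"
	Reject          Verdict = "reject: signature does not verify over this code (tampered or forged)"
)

// PublisherCert stands in for the software publisher's identity certificate:
// the issuing CA binds the publisher name to its public key by signing both.
type PublisherCert struct {
	Publisher string
	PubKey    ed25519.PublicKey
	Issuer    string // name of the issuing CA (assumed name, not a real CA)
	IssuerSig []byte // CA signature over Publisher||PubKey
}

// SignedControl is an ActiveX-style control plus its optional signature.
type SignedControl struct {
	Name string
	Code []byte
	Cert *PublisherCert // nil when the control is unsigned
	Sig  []byte         // publisher signature over SHA-256(Code)
}

func certTBS(c *PublisherCert) []byte {
	return append([]byte(c.Publisher+"|"), c.PubKey...)
}

func genKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err) // no entropy source: nothing sensible to do
	}
	return pub, priv
}

// IssueCert is the CA step: the publisher pledges not to ship harmful code and
// the CA signs the name/key binding. Nothing here inspects any code.
func IssueCert(caPriv ed25519.PrivateKey, caName, publisher string, pub ed25519.PublicKey) *PublisherCert {
	c := &PublisherCert{Publisher: publisher, PubKey: pub, Issuer: caName}
	c.IssuerSig = ed25519.Sign(caPriv, certTBS(c))
	return c
}

// SignControl is the publisher step: sign a hash of the control's code.
func SignControl(name string, code []byte, cert *PublisherCert, priv ed25519.PrivateKey) SignedControl {
	h := sha256.Sum256(code)
	return SignedControl{Name: name, Code: code, Cert: cert, Sig: ed25519.Sign(priv, h[:])}
}

// Decide applies the policy from the text: unsigned controls and controls whose
// publisher certificate comes from an unknown CA produce a user prompt, a
// signature that does not verify is rejected, and a valid signature from a
// trusted chain runs, whatever the code actually does.
func Decide(c SignedControl, trustedCAs map[string]ed25519.PublicKey) Verdict {
	if c.Cert == nil || len(c.Sig) == 0 {
		return PromptUnsigned
	}
	h := sha256.Sum256(c.Code)
	if !ed25519.Verify(c.Cert.PubKey, h[:], c.Sig) {
		return Reject
	}
	caKey, known := trustedCAs[c.Cert.Issuer]
	if !known || !ed25519.Verify(caKey, certTBS(c.Cert), c.Cert.IssuerSig) {
		return PromptUnknownCA
	}
	return Run
}

// Scenario builds one trusted CA, one unknown CA, a publisher under each and
// five constructed controls, and returns the verdict for each by name.
func Scenario() map[string]Verdict {
	caPub, caPriv := genKey()
	_, unknownCAPriv := genKey()
	pubPub, pubPriv := genKey()
	shadyPub, shadyPriv := genKey()
	trustedCAs := map[string]ed25519.PublicKey{"Trusted Root CA": caPub}

	goodCert := IssueCert(caPriv, "Trusted Root CA", "Example Software Inc", pubPub)
	shadyCert := IssueCert(unknownCAPriv, "Unknown CA", "Shady Publisher", shadyPub)

	benign := []byte("control: render a chart")       // constructed sample payload
	harmful := []byte("control: FormatDrive(\"C:\")") // constructed sample payload

	controls := map[string]SignedControl{
		"unsigned":        {Name: "unsigned", Code: benign},
		"trusted-benign":  SignControl("trusted-benign", benign, goodCert, pubPriv),
		"trusted-harmful": SignControl("trusted-harmful", harmful, goodCert, pubPriv),
		"unknown-ca":      SignControl("unknown-ca", benign, shadyCert, shadyPriv),
	}
	// Modify a validly signed control after signing: the signature no longer covers it.
	tampered := controls["trusted-benign"]
	tampered.Name = "tampered"
	tampered.Code = append(append([]byte{}, benign...), " + backdoor"...)
	controls["tampered"] = tampered

	verdicts := make(map[string]Verdict, len(controls))
	for name, c := range controls {
		verdicts[name] = Decide(c, trustedCAs)
	}
	return verdicts
}

func main() {
	verdicts := Scenario()
	for _, name := range []string{"unsigned", "unknown-ca", "tampered", "trusted-benign", "trusted-harmful"} {
		fmt.Printf("%-16s -> %s\n", name, verdicts[name])
	}
}
```

Running it prints one verdict per control; "trusted-harmful" and "trusted-benign" receive the same "run" verdict, which is the property the text warns about. In a real deployment the only lever the user or administrator has is the set of trusted CAs and publishers (the `trustedCAs` map here), so restricting that set is the control that actually narrows the risk.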
Figure 6.1 shows the relative risk of ActiveX compared with other popular client-side active
content technologies [NIST01a].
Figure 6.1: Relative Risk of Common Client-Side Active Content
6.3.2 Server-Side Content Generation Technologies and Related Vulnerabilities
Unlike the above technologies, CGI, ASP, and other similar server interfaces fall on the (Web)
server side of the client-server model. Common uses of server-side execution include [Zir02]: