.NET Framework 2.0 Security Inspection Questions - Auditing and Logging

From Guidance Share


- J.D. Meier, Alex Mackman, Blaine Wastell, Prashant Bansode, Jason Taylor, Rudolph Araujo

Auditing and Logging Vulnerabilities and Implications

Vulnerability: Lack of logging
Implication: It is difficult to detect and repel intrusion attempts.

Vulnerability: Sensitive data revealed in logs
Implication: An attacker could use logged credentials to attack the server or could steal other sensitive data from the log.

Does the application log sensitive data?

Review the code to determine whether sensitive details are logged. Credentials and sensitive user data should never be logged. An application often handles information that requires higher privileges to view than are needed to read the log file, so writing that data to the log makes it more likely to be stolen.
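The following is an added example (C#, targeting .NET Framework 2.0 APIs) of the pattern this question asks a reviewer to find, alongside a corrected version; it is not code from Guidance Share. The trace source name "AppAudit" and the list of sensitive field names are assumptions for illustration.

```csharp
using System;
using System.Collections.Specialized;
using System.Diagnostics;
using System.Text;

// Added example, not part of the original checklist: auditing a failed
// request. The first method writes every submitted form field, credentials
// included, to the trace log; the second redacts fields whose names are
// known to carry sensitive data before the message is built.
public static class RequestAudit
{
    // Hypothetical trace source name; its listeners are configured in app.config.
    private static readonly TraceSource Audit = new TraceSource("AppAudit");

    // Assumed field names (matched case-insensitively) that must never be logged.
    private static readonly string[] SensitiveFields =
        { "password", "pwd", "passwd", "ssn", "creditcard", "cvv", "token" };

    // BAD: dumps the whole form, so anyone who can read the log sees the password.
    public static void LogFailureUnsafe(string user, NameValueCollection form)
    {
        Audit.TraceEvent(TraceEventType.Warning, 1000,
            "Request failed for {0}: {1}", user, FormatFields(form, false));
    }

    // GOOD: same diagnostic value for the operator, but sensitive values are
    // replaced with a marker before anything reaches the log.
    public static void LogFailure(string user, NameValueCollection form)
    {
        Audit.TraceEvent(TraceEventType.Warning, 1000,
            "Request failed for {0}: {1}", user, FormatFields(form, true));
    }

    // Renders "key=value" pairs; with redact=true, sensitive keys show
    // "[REDACTED]" in place of the submitted value.
    public static string FormatFields(NameValueCollection form, bool redact)
    {
        StringBuilder sb = new StringBuilder();
        foreach (string key in form.AllKeys)
        {
            if (sb.Length > 0) sb.Append(", ");
            string value = form[key];
            if (redact && IsSensitive(key)) value = "[REDACTED]";
            sb.Append(key).Append('=').Append(value);
        }
        return sb.ToString();
    }

    private static bool IsSensitive(string key)
    {
        if (key == null) return false;
        foreach (string name in SensitiveFields)
            if (key.IndexOf(name, StringComparison.OrdinalIgnoreCase) >= 0)
                return true;
        return false;
    }
}
```

During a review, a call shaped like LogFailureUnsafe (a whole request, form, or exception object passed straight to the logger) is the signal to check what those objects contain.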
