ASP.NET 2.0 Security Inspection Questions - Auditing and Logging

From Guidance Share

Jump to: navigation, search

- J.D. Meier, Alex Mackman, Blaine Wastell, Prashant Bansode, Jason Taylor, Rudolph Araujo

Auditing and Logging Vulnerabilities and Implications



Lack of logging

It is difficult to detect and repel intrusion attempts.

Sensitive data revealed in logs

An attacker could use logged credentials to attack the server or could steal other sensitive data from the log.

The following questions help you to identify vulnerable areas:

  • Does the application use health monitoring?
  • Does the application log sensitive data?

Does the application use health monitoring?

ASP.NET version 2.0 introduces a health monitoring feature that you should use to log and audit events. By default, health monitoring is enabled for ASP.NET version 2.0 applications and all Web infrastructure error events (inheriting from System.Web.Management.WebErrorEvent) and all audit failure events (inheriting from System.Web.Management.WebFailureAuditEvent) are written to the event log. The default configuration is defined in the <healthMonitoring> element in the machine-level Web.config.comments file. To audit additional security related events, you create custom event types by deriving from one of the built-in types. For more information, see How To: Use Health Monitoring in ASP.NET 2.0.

Does the application log sensitive data?

Review the code to see if sensitive details are logged. Credentials and sensitive user data should not be logged. Applications might work with information that requires higher privileges to view than the log file does. Exposing sensitive data in a log file makes it more likely that the data will be stolen.

Personal tools