Sunday, May 12, 2013

Clarification on SIGKILL, SIGTERM, SIGINT, SIGQUIT, SIGTSTP and SIGHUP

A few days ago, I came across the Unix signals that lead to process termination. I was trying to remember the signals generated in Linux when one presses Ctrl+Z and Ctrl+C. Memory did not serve me at that moment, so I decided to look these up one more time. I realized that having a consolidated book which explains these terms clearly is better than searching loads of web pages. I did the latter since I had kept my Unix OS book out of reach. To my disappointment, there was no single link that listed all the differences in an orderly fashion.

Hence, in this post, I wish to delineate these terms by consolidating my findings from Stack Overflow, Wikipedia and other Unix internals websites. Here it goes:

SIGKILL: Terminates a process immediately. This signal cannot be handled (caught), ignored or blocked. (The "kill -9" command in Linux generates the same signal.)

SIGTERM: Terminates a process immediately. However, this signal can be handled, ignored or caught in code. If the signal is not caught by a process, the process is killed. It is also used for graceful termination of a process. (The "kill" command in Linux, if run without a signal number such as -9, sends SIGTERM.)

SIGINT: Interrupts a process. (The default action is to terminate gracefully.) This too, like SIGTERM, can be handled, ignored or caught. The difference between SIGINT and SIGTERM is that the former can be sent from a terminal as input characters. This is the signal generated when a user presses Ctrl+C. (Sidenote: Ctrl+C denotes EOT (End of Transmission) for, say, a network stream.)

SIGQUIT: Terminates a process. This is different from both SIGKILL and SIGTERM in the sense that it generates a core dump of the process and also cleans up resources held by the process. Like SIGINT, this can also be sent from the terminal as input characters. It can be handled, ignored or caught in code. This is the signal generated when a user presses Ctrl+\.

SIGTSTP: Suspends a process. This too can be handled, ignored or blocked. Since it does not terminate the process, the process can be resumed by sending a SIGCONT signal. This signal can be generated by pressing Ctrl+Z. (Sidenote: Ctrl+Z stands for the substitute character, which indicates End-of-File in DOS.)

SIGHUP: (From Wikipedia): Hangs up a process when the controlling terminal is disconnected. This especially relates to modem/dial-in connections. A process has to explicitly handle this signal for it to work. A good use is to "poke" a process and let the process (as defined by the programmer) decide what to do with the signal, as described here. Hence, SIGHUP can be handled, ignored or caught. This is the signal generated when a user presses Ctrl+D.
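The "can it be caught" distinction in the list above can be checked directly. The following is an added example, not code from the original post: it tries to install a handler for each of the six signals and then sends SIGTERM to its own process with a handler in place. The function names `catchable` and `survive_sigterm` are made up for this illustration.

```python
import os
import signal

# The six signals from the list above; SIGTSTP is the one Ctrl+Z sends.
NAMES = ["SIGKILL", "SIGTERM", "SIGINT", "SIGQUIT", "SIGTSTP", "SIGHUP"]


def catchable(name):
    """Return True if this process may install a handler for the signal."""
    signum = getattr(signal, name)
    try:
        previous = signal.signal(signum, lambda s, f: None)
    except OSError:
        return False                       # the kernel refuses, as for SIGKILL
    if previous is not None:
        signal.signal(signum, previous)    # put the original handler back
    return True


def survive_sigterm():
    """Send SIGTERM to ourselves with a handler installed; return what it saw."""
    seen = []
    previous = signal.signal(signal.SIGTERM, lambda s, f: seen.append(s))
    try:
        os.kill(os.getpid(), signal.SIGTERM)   # what a plain `kill <pid>` sends
    finally:
        if previous is None:                   # handler was not set from Python
            previous = signal.SIG_DFL
        signal.signal(signal.SIGTERM, previous)
    return seen


if __name__ == "__main__":
    for name in NAMES:
        print(f"{name:8} catchable={catchable(name)}")
    # The process is still running here because the handler replaced the
    # default action (termination) with "record the signal number".
    print("handler received:", survive_sigterm())
```

A service that wants graceful shutdown does its cleanup in the SIGTERM handler; nothing comparable is possible for SIGKILL, which is why `kill -9` is a last resort.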


Monday, April 29, 2013

Designing a good security policy for your websites

Recently, I went through web server security and a security analysis of forums based on phpBB. Although I do agree that humans are the weakest link in the security chain, there are a few measures a web developer can take to prevent malicious users from exploiting their website.

1) The login page (or any other page that requires authentication) should use HTTPS. The best approach is to use HTTPS throughout your website.

2) Set secure cookies and check them on each request from the user. This goes hand in hand with step 1.

3) Limit the maximum number of login attempts (say 5). Also, use techniques like exponential delay at each failed login attempt.

4) Deploy captcha verification on pages that require authentication (probably couple the captcha with the login page). The captcha should be account based rather than IP based (doing so prevents DDoS attacks, since step 3 should stop login attempts after a few incorrect tries regardless of the IP used to log into the account).

5) After the maximum number of invalid login attempts has been reached, a web developer can take one of two approaches:
     i) Deactivate the account and send a password reset link to the user's registered email.
     OR
     ii) Throw up a security question (entered earlier by the user) and follow the deactivation step if this too fails.

6) Set a password complexity policy (make digits, mixed-case letters and special characters mandatory, along with a minimum password length).

7) Change the session ID on each request (for websites that require extra security). Also, make sure that the session ID or any other session information is not a part of the query string (this will not be much of a problem if HTTPS is used throughout the website).

8) Force logout after a fixed period of inactivity.

9) Make extra authentication checks for administrator logins.

10) Never trust user input. Always validate it.

11) Maintain a blacklist (or whitelist) of users (IP based or whatever suits you best) to block malicious users who try to attack your website. It's not recommended to block them forever.

12) Understand and write your robots.txt with diligence.

13) Use vulnerability scanners to scan your website for security loopholes. Some good ones are jsky, acunetix and w3af. Fix the issues these scanners list and re-scan with various other scanners to confirm.

14) Take regular backups of your website. In case of a security incident, migrating to another web server or restoring the site will be seamless with proper backups.

15) Monitor your website traffic and statistics on a regular basis. Watch out for unusual traffic (depending on IP, location, web page requested and so on). Use Google's Webmaster Tools and Google Analytics to aid you in the development and monitoring process.
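Items 3 to 5 describe one mechanism: a per-account failure counter with an exponentially growing delay and a lockout at the limit. The sketch below is an added example, not code from the original post or from phpBB; the class name `LoginThrottle`, the `verify` callback and the one-second base delay are assumptions, and storage is an in-memory dict where a real site would use its database.

```python
import time

MAX_ATTEMPTS = 5    # item 3: "say 5"
BASE_DELAY = 1.0    # seconds; assumed starting delay, doubled per failure


class LoginThrottle:
    """Failure tracking keyed by account name, never by client IP (item 4)."""

    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.failures = {}   # username -> (failure count, time of last failure)

    def status(self, username):
        """Return ('ok', 0.0), ('wait', seconds_left) or ('locked', 0.0)."""
        count, last = self.failures.get(username, (0, 0.0))
        if count >= MAX_ATTEMPTS:
            return ("locked", 0.0)   # item 5: deactivate, send reset link
        if count:
            remaining = last + BASE_DELAY * 2 ** (count - 1) - self.clock()
            if remaining > 0:
                return ("wait", remaining)
        return ("ok", 0.0)

    def attempt(self, username, verify):
        """Run verify() only if the account is allowed to try right now."""
        state = self.status(username)
        if state[0] != "ok":
            return state             # refused before the password is examined
        if verify():
            self.failures.pop(username, None)
            return ("ok", 0.0)
        count = self.failures.get(username, (0, 0.0))[0] + 1
        self.failures[username] = (count, self.clock())
        return self.status(username)


if __name__ == "__main__":
    now = [0.0]                      # constructed fake clock for the demo
    throttle = LoginThrottle(clock=lambda: now[0])
    for _ in range(MAX_ATTEMPTS):
        result = throttle.attempt("alice", lambda: False)
        print(f"t={now[0]:5.1f}s  {result}")
        now[0] += result[1]          # wait out the delay, then try again
    print(throttle.attempt("alice", lambda: True))   # still locked
```

Because the counter is keyed by username, spreading guesses across many source addresses does not reset it, and an attempt made during the delay is rejected without the password ever being compared.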

These are just my thoughts. Feedback or any other addition to the above listed policy is appreciated.
