OWASP secure Issues Handling

• 1 Login Issues
  • 1.1 What are the best practices I should remember while designing the login pages?
  • 1.2 Is it really required to redirect the user to a new page after login?
  • 1.3 How does the salted MD5 technique work?
  • 1.4 How can my "Forgot Password" feature be exploited?
  • 1.5 In "Forgot Password", is it safe to display the old password?
  • 1.6 Is there any risk in emailing the new password to the user's authorized mail id?
  • 1.7 What is the most secure way to design the Forgot Password feature?
  • 1.8 How do I protect against automated password guessing attacks?
  • 1.9 How can I protect against keystroke loggers on the client machine?
  • 1.10 My site will be used from publicly shared computers. What precautions must I take?
• 2 SQL Injection
  • 2.1 What is SQL Injection?
  • 2.2 Is it just ASP and SQL Server or are all platforms vulnerable?
  • 2.3 Apart from username and password which variables are candidates for SQL Injection?
  • 2.4 How do we prevent SQL Injection in our applications?
  • 2.5 I'm using stored procedures for authentication, am I vulnerable?
  • 2.6 I'm using client side JavaScript code for checking user input. Isn't that enough?
  • 2.7 Are Java servlets vulnerable to SQL injection?
  • 2.8 Can an automated scanner discover SQL Injection?
• 3 Variable Manipulation
  • 3.1 Why can't I trust the information coming from the browser?
  • 3.2 What information can be manipulated by the attacker?
  • 3.3 How do attackers manipulate the information? What tools do they use?
  • 3.4 I'm using SSL. Can attackers still modify information?
  • 3.5 Is there some way to prevent these proxy tools from editing the data?
• 4 Browser Cache
  • 4.1 How can the browser cache be used in attacks?
  • 4.2 How do I ensure that sensitive pages are not cached on the user's browser?
  • 4.3 What is the best way to implement Pragma: No-cache?
  • 4.4 What's the difference between the cache-control directives: no-cache, and no-store?
  • 4.5 Am I totally safe with these directives?
  • 4.6 Where can I learn more about caching?
• 5 Cross Site Scripting
  • 5.1 What is Cross Site Scripting?
  • 5.2 What information can an attacker steal using XSS?
  • 5.3 Apart from mailing links of error pages, are there other methods of exploiting XSS?
  • 5.4 How can I prevent XSS?
  • 5.5 Can XSS be prevented without modifying the source code?
  • 5.6 What is Cross Site Tracing (XST)? How can it be prevented?
• 6 Web Server Fingerprinting
  • 6.1 How do attackers identify which web server I'm using?
  • 6.2 How can I fake the banners or rewrite the headers from my web server?
  • 6.3 Once I fake the banners, can my web server still be fingerprinted?
  • 6.4 A friend told me it's safer to run my web server on a non-standard port. Is that right?
  • 6.5 Should I really be concerned that my web server can be fingerprinted?
• 7 Testing
  • 7.1 I want to chain my proxy tool with a proxy server; are there tools that let me do that?
  • 7.2 Can't web application testing be automated? Are there any tools for that?
  • 7.3 Where can I try out my testing skills? Is there a sample application I can practice with?
  • 7.4 Are there source code scanning tools for .NET languages, Java, PHP etc that predict vulnerabilities in the source code?
  • 7.5 Can non-HTTP protocols also be intercepted and played with like this?
• 8 Cryptography/SSL
  • 8.1 What is SSL?
  • 8.2 Should I use 40-bit or 128-bit SSL?
  • 8.3 Is 40-bit SSL really unsafe?
  • 8.4 What all are encrypted when I use SSL? Is the page request also encrypted?
  • 8.5 Which cryptographic algorithms do SSL use?
  • 8.6 I want to use SSL. Where do I begin?
• 9 Cookies and Session Management
  • 9.1 Are there any risks in using persistent vs non-persistent cookies?
  • 9.2 Can another web site steal the cookies that my site places on a user's machine?
  • 9.3 Which is the best way to transmit session ids- in cookies, or URL or a hidden variable?
  • 9.4 What are these secure cookies?
  • 9.5 If I use a session ID that is a function of the client's IP address, will session hijacking be prevented?
  • 9.6 How about encrypting the session id cookies instead of using SSL?
  • 9.7 What is the concept of using a page id, in addition to the session id?
• 10 Logging and Audit Trails
  • 10.1 What are these W3C logs?
  • 10.2 Do I need to have logging in my application even if I've W3C logs?
  • 10.3 What should I log from within my application?
  • 10.4 Should I encrypt my logs? Isn't that a performance hit?
  • 10.5 Can I trust the IP address of a user I see in my audit logs? Could a user be spoofing/impersonating their IP address?
• 11 Miscellaneous
  • 11.1 What are Buffer Overflows?
  • 11.2 What are application firewalls? How good are they really?
  • 11.3 What is all this about "referrer logs", and sensitive URLs?
  • 11.4 I want to use the most secure language; which language do you recommend?
  • 11.5 What are the good books to learn secure programming practices?
  • 11.6 Are there any training programs on secure programming that I can attend?
•