Recent security measures have become very important, and it is necessary to consider various measures in an environment connected to the Internet.
Security requires consideration of various measures to protect servers in the cloud. Well-known security threats and attacks include:
Password cracking
Attackers will parse valid account name and password combinations against your server.
If you are using the default account name, this information is useful to the attacker. Attackers have to parse accounts and passwords, but using blank or weak passwords makes the attacker's job easier.
Two methods for cracking passwords are brute force and dictionary attacks.
Brute force attack: A type of cryptanalysis method. A method that lists all possible keys and attempts to decrypt them from scratch.
A part of the ciphertext is converted according to the decryption program to see if the sentence becomes meaningful. Accounts that can attack any form of cryptography but are considered to increase key length increase exponentially, making accounts easier to parse but with fewer characters.
Dictionary attack: An attack technique used to crack passwords and decryptions.
When using it for password breaking, it is a way to try by typing a word in the dictionary from one end, and in many cases, it is not only entered as it is, but also adds processing such as mixing uppercase and lowercase letters and adding numbers.
The Confiker.B worm used weak password dictionaries to compromise machines. You're probably using a list of credentials (username and password) and gain relatively easy access, especially when delivered in scripts. This approach has received more attention than brute force, which increases the chances of success in a more socially short time.
Spoofing
Using a fake ID to try to access the system.
This can be achieved by using stolen user information or fake IP addresses.
After an attacker gains access to a legitimate user, host, etc., various hacks are performed using authorization.
Theft of user information
Attacker access to credential through data theft, for example, phishing scams or SNS.
1. Vulnerability passwords were used.
2. Store user information in a configuration file.
3. Pass user information on the network (message).
Network eavesdropping
Attackers steal user information from public networks by reading them.
translation
http://blogs.msdn.com/b/narahari/archive/2013/02/05/security-best-practices-for-windows-azure.aspx
[zenback]
[...] Security Best Practices for Windows Azure (String) This is a continuation of the previous article, but I will translate the article. [...]