Are the injections that Mykonos Web Security (MWS) places on my website the same as other MWS customer sites?

  [KB24452]


Summary:
 Are the injections that MWS places on my website the same as other MWS customer sites?
Symptoms:
 
Cause:
 
Solution:
In a word, no. If the injection points were identical across the board, attackers would quickly learn to profile the MWS technology and bypass the known injection points. MWS uses two main techniques to make each installation unique: randomization and customization.

MWS includes a broad range of injection points that are mixed and matched randomly when the system is initialized. Additionally, specific field values are chosen randomly. For example, it selects a random name and a random value when injecting fake query parameters into the website. The value may additionally contain randomization information that is used to randomize the value on a page-by-page basis. Other sites running MWS therefore use different fake query parameters, so a hacker can't just assume that a specific query parameter with a known name is a tar trap. This ensures that no two MWS installations appear alike.

Users can also customize various fields to suit their own site, for example by appending a site-specific suffix to a cookie value. This lets the site's administrator customize things even further, making the MWS instance truly unique and making injected tar traps look even more like normal activity for your site.
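The sketch below is an added illustration of the two techniques described above, not MWS code: the class, the name lists, and the use of a per-install HMAC key for page-by-page values are all assumptions made for the example.

```python
import hashlib
import hmac
import secrets

# Hypothetical catalogues; a real product would ship its own, larger lists.
INJECTION_POINTS = ["query_param", "cookie", "hidden_field", "fake_file", "header"]
NAME_STEMS = ["debug", "admin", "role", "view", "mode", "acct", "test", "level"]
NAME_TAILS = ["", "_id", "_on"]


class DecoyInstall:
    """Randomized decoy configuration for one installation (illustrative)."""

    def __init__(self, cookie_suffix=""):
        rng = secrets.SystemRandom()
        # Randomization: chosen once, when the installation is initialized.
        self.points = rng.sample(INJECTION_POINTS, k=3)
        self.param_name = rng.choice(NAME_STEMS) + rng.choice(NAME_TAILS)
        # Per-install secret that drives the page-by-page values (assumption).
        self.key = secrets.token_bytes(32)
        # Customization: administrator-supplied, site-specific cookie suffix.
        self.cookie_suffix = cookie_suffix

    def _derive(self, label):
        mac = hmac.new(self.key, label.encode(), hashlib.sha256)
        return mac.hexdigest()[:8]

    def param_value(self, page_path):
        """Fake query parameter value issued for one page."""
        return self._derive("param:" + page_path)

    def cookie_value(self, page_path):
        """Fake cookie value with the site-specific suffix appended."""
        return self._derive("cookie:" + page_path) + self.cookie_suffix

    def is_tampered(self, page_path, query):
        """True when the decoy parameter arrives with a value never issued
        for this page, i.e. someone edited the fake parameter."""
        if self.param_name not in query:
            return False
        expected = self.param_value(page_path)
        return not hmac.compare_digest(query[self.param_name], expected)
```

Two instances created this way share no key, so the values one site issues tell an observer nothing about the values another site will accept.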
Related Links: