Just a general approach to such a situation. Not a comprehensive solution ...

Attempt to validate properties below the Application Layer of the OSI model.

    1.0 Validate IP address and other Transport and Network Layer properties as required.

    1.1 Log Transport and Network Layer connections and scrutinise.

Attempt to validate Application Layer properties of the OSI model.

    2.0 Validate/Authenticate Application Layer/HTTP access to documents. Set up authentication for
        HTTP server usage.

    2.1 Validate Application Layer HTTP header parameters.

Attempt to validate Application Layer connection/session properties and input data.

    3.0 Validate Application Layer document-specific access. Session id token combined with IP
        address and/or other parameters via some sort of encoding technique. A user/password auth
        combination with perhaps 'CAPTCHA' techniques to validate the user login.

    3.1 Validate session form input. Use hidden form values, data length checks, valid characters and/or
        words. Validate input times so that input doesn't come too quickly or too late.

    3.2 Log important events such as logins and form input with appropriate client/session data.

    3.3 Scrutinise event logs ... form input/submissions, authentication etc.

Logging events is important for validation as well as other reasons. If a determined or experienced bastard
passes all of the validation checks, you can always check the logs for patterns. Random or not, you
will notice patterns and can take appropriate action. Beware of blocking/black-listing certain IPs though; you may end up blocking a completely okay network because somebody spoofed an IP or block.

It is easy to spoof Network and Transport Layer packet properties, as well as Application Layer properties such
as the document referrer etc., but if you have no validation, you have no security.

By no means have I listed every possible validation method nor may I be 100% on target.
I have just listed a general layered overview. There are suggestions already mentioned in this thread/node,
but don't stop there. Think about the type of situation you have and apply a security measure to match. Common sense.

Update (:-s) : Fixed some HTML formatting

In reply to Re: Validation Validation Validation by kabeldag
in thread newb: Best way to protect CGI from non-form invocation? by JCHallgren
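As an added illustration of points 3.0 through 3.3 above (this is example code written for this page, not kabeldag's or anyone else's from the thread), the script below shows one way a Perl CGI could bind a hidden form token to the session id and client IP with an HMAC, reject submissions that arrive too quickly or too late, allow-list the characters in a text field, and write each decision to a log line for later scrutiny. The function names, the secret, the session id and the client IP are all constructed for the example; pulling the real values out of the CGI environment (the form parameters and REMOTE_ADDR) is left to the caller. Only the core Digest::SHA module is used.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Digest::SHA qw(hmac_sha256_hex);

# Server-side secret; in real use load it from a file outside the document root.
# This value is a placeholder for the example.
my $SECRET = 'replace-with-a-long-random-secret';

# Issue a hidden form token bound to the session id, the client IP and the time
# the form was served. The issue time travels inside the token, so the server
# needs no extra hidden field to check how old the form is.
sub issue_form_token {
    my ($session_id, $client_ip, $now) = @_;
    $now //= time;
    my $mac = hmac_sha256_hex("$session_id:$client_ip:$now", $SECRET);
    return "$now:$mac";
}

# Validate a submitted token. Returns an empty string on success or a short
# reason string on failure, so the caller can log the reason (3.2/3.3).
sub validate_form_token {
    my (%a) = @_;
    my $min = $a{min_seconds} // 2;     # too quick: a script, not a person typing
    my $max = $a{max_seconds} // 3600;  # too late: stale form, reject it

    return 'missing'   unless defined $a{token} && length $a{token};
    return 'malformed' unless $a{token} =~ /\A([0-9]{1,12}):([0-9a-f]{64})\z/;
    my ($issued, $mac) = ($1, $2);
    my $expected = hmac_sha256_hex("$a{session_id}:$a{client_ip}:$issued", $SECRET);
    return 'bad-mac'   unless _constant_time_eq($mac, $expected);
    my $age = $a{now} - $issued;
    return 'too-quick' if $age < $min;
    return 'too-late'  if $age > $max;
    return '';
}

# Compare two equal-length strings without short-circuiting on the first mismatch.
sub _constant_time_eq {
    my ($x, $y) = @_;
    return 0 if length $x != length $y;
    my $diff = 0;
    $diff |= ord(substr($x, $_, 1)) ^ ord(substr($y, $_, 1)) for 0 .. length($x) - 1;
    return $diff == 0;
}

# Validate a plain text field: length bound plus an allow-list of characters (3.1).
sub validate_text_field {
    my ($value, $max_len) = @_;
    return 'missing'   unless defined $value;
    return 'too-long'  if length $value > $max_len;
    return 'bad-chars' unless $value =~ /\A[\w .,'-]*\z/;
    return '';
}

# One log line per event with client/session data (3.2); $fh is any open handle.
sub log_event {
    my ($fh, %e) = @_;
    my $line = join ' ', map { "$_=" . ($e{$_} // '-') } qw(time event ip session reason);
    print {$fh} "$line\n";
}

# Demonstration with constructed values: a served form, then three submissions.
if (!caller) {
    my ($session, $ip) = ('sess-constructed-0001', '192.0.2.10');   # constructed
    my $issued = 1_700_000_000;                                      # constructed clock
    my $tok    = issue_form_token($session, $ip, $issued);
    for my $case (
        ['human submit',    $tok,                      $issued + 30],
        ['scripted submit', $tok,                      $issued],
        ['forged token',    "$issued:" . ('0' x 64),   $issued + 30],
    ) {
        my ($name, $t, $now) = @$case;
        my $why = validate_form_token(token => $t, session_id => $session,
                                      client_ip => $ip, now => $now);
        log_event(\*STDOUT, time => $now, event => "form-submit ($name)",
                  ip => $ip, session => $session, reason => $why || 'ok');
    }
    print 'comment field: ', (validate_text_field("hello <script>", 200) || 'ok'), "\n";
}
```

Run as a script, the demo logs the human submission as ok, the zero-delay one as too-quick, and the forged token as bad-mac, and flags the comment field for bad-chars. Because the HMAC covers the client IP, a token is also rejected when it is replayed from another address; as the post says, that is a check that can be spoofed and should feed the logs rather than an automatic block.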
