Web survey software tools for enterprise online data collection and reporting, used by major corporations, governments, and NGOs throughout the world.

Online security with EZSurvey

There are many ways to attack a web site. Raosoft web survey software tools are designed to resist the known attacks, and we continually improve our software to resist new attacks.

Unlike our competitors, EZSurvey products do not require, establish, nor maintain an active network connection to the hosting web server. A respondent never has to penetrate nor access your internal network to take a survey! Survey instrument development, editing, and preview is accomplished at the using desktop and saved into a file on the harddrive. When complete, the files are copied to the hosting web server where it is accessed via standard world wide web browsers - as allowed by standard IT security policies.

Competitors' web-based products invite intrusion and cause difficulty in maintaining data security and privacy. IT departments routinely compliment Raosoft, Inc. for allowing them to maintain their corporate separation of duties.

UTF-8 and Security

It is a common malicious attack method to insert coding into some database by posting a script include command with UFT-7 or QP encoding of the web page. We convert everything into UTF-8 before checking for dangerious characters and commands - closing this specific security hole.

Running EZSurvey

EZSurvey's CGI programs are available in compiled executable, ISAPI DLL, or Perl form.

In all cases, the web server package generated by EZSurvey should be placed in a cgi-bin or scripts directory on your web server. The server permissions should be set to execute programs only, and deny read or write access through the web to any files in that directory.

For maximum security, you should use the compiled executable CGI programs, and, which you create the web site setup files in EZSurvey, do not use a password for remote access.

Types of attacks

If you have questions, please call us at 206-525-4025 or send us e-mail.
  • Denial of Service attacks flood a site with network request. These make headlines but rarely damage data.
  • This can happen by accident through the Slashdot effect, in which too many people try to use your web site at the same time. Often the constraint is the network connection, not the software. InterForm can handle tens of thousands of simultaneous users per server, and is uaually limited only by bandwidth.
  • Servers running IIS with ISAPI scripts may be vulnerable to a persistent connection attack. ISAPI allows a browser (or a program pretending to be a browser) to send an unlimited amount of information as a form submission. An attack of this sort could occupy all the server's connections indefinately (or until the server runs out of memory), preventing anyone else from using it. EZSurvey will close connections after receiving 64k of data on IIS and 48k on Apache. This means that one record worth of data has to be less than 64k, which hardly ever presents a problem. InterForm for NT is more advanced than EZSurvey and does not use ISAPI.
  • Code insertion attacks try to make your server run instructions that it's not supposed to.
  • EZSurvey uses a special server-side scripting language that is unable to modify files.
  • Buffer overrun attacks send more information than the server program is expecting. The extra information overwrites a portion of the server's code, possibly crashing the program or running an unauthorized program. Where InterForm and compiled EZSurvey scripts use fixed-length buffers, such as for the hidden "DATABASE" field, the form data is checked for this type of attack.
  • When a site runs on Perl or a similar interpreted language, a submission could contain dangerous Perl code. For example, if the web script contains
      open (PAGE,$FORM{'DATABASE'});
    someone could send a submission that contains
      DATABASE=file|rm -R *
    so that the interpreted Perl code would look like
      open (PAGE,"file|rm -R *");
    What this does to a UNIX server is erase all the files in the directory. To avoid this risk, EZSurvey's Perl scripts do not use any information that comes from the form in this manner. Instead, database and file names are hard-coded into the scripts.
  • On February 2, 2000, CERT published an advisory on Malicious HTML Tags Embedded in Client Web Requests. In their standard configurations, EZSurvey and InterForm do not show information submitted by one person to another person, and are immune to these attacks.
  • File access attacks try to read files that they're not supposed to.
  • If you don't want people to download a file, make sure that the file is in a directory without read permission. It is especially important that no one be allowed to read your web CGI directory, since it contains sensitive files.
  • Some scripts access files, and can be tricked to show files they're not supposed to. EZSurvey's scripts foil these attacks: they only show files with .html extensions and will not show files in higher-level directories.
  • We recommend the Apache web server. When you use Apache, EZSurvey creates a special .htaccess file that prevents web site visitors from accessing any files they're not supposed to.
  • Please click on ODBC and security issues to see more info related to the subject.

  • Raosoft, Inc.
    Raosoft: 206-525-4025 (US) Email: raosoft@raosoft.com
    Raosoft EZReport, EZSurvey, InterForm, RapidReport, Raosoft, and SurveyWin are registered trademarks of Raosoft, Inc.

    http://www.raosoft.com/ © 1996-2011 by Raosoft, Inc.