Guidelines on Securing Public Web Servers
Executive Summary 
The World Wide Web (WWW) is a system for exchanging information over the Internet. At the most basic level, the Web can be divided into two principal components: Web servers, which are applications that make information available over the Internet (in essence, publish information), and Web browsers (clients), which are used to access and display the information stored on the Web servers. This document focuses on the security issues of Web servers.[1]

Unfortunately, the Web server is the most targeted and attacked host on most organizations' networks. As a result, it is essential to secure Web servers and the network infrastructure that supports them. The specific security threats to Web servers generally fall into one of the following categories:

- Malicious entities may exploit software bugs in the Web server, underlying operating system, or active content to gain unauthorized access to the Web server. Examples of unauthorized access are gaining access to files or folders that were not meant to be publicly accessible, executing privileged commands, and/or installing software on the Web server.
- Denial of service (DoS) attacks may be directed at the Web server, denying valid users the ability to use the Web server for the duration of the attack.
- Sensitive information on the Web server may be distributed to unauthorized individuals.
- Sensitive information that is not encrypted when transmitted between the Web server and the browser may be intercepted.
- Information on the Web server may be changed for malicious purposes. Web site defacement is a commonly reported example of this threat.
- Malicious entities may gain unauthorized access to resources elsewhere in the organization's computer network via a successful attack on the Web server.
- Malicious entities may attack external organizations from a compromised Web server, concealing their actual identities and perhaps making the organization from which the attack was launched liable for damages.
- The server may be used as a distribution point for illegally copied software, attack tools, or pornography, perhaps making the organization liable for damages.

This document is intended to assist organizations in installing, configuring, and maintaining secure public Web servers. More specifically, this document describes in detail the following practices to apply:

- Securing, installing, and configuring the underlying operating system
                                                   
1
 For more information on securing Web browsers, see NIST Special Publication 800 46, 
Security for Telecommuting 
and Broadband Communications 
(
http://csrc.nist.gov/publications/nistpubs/index.html
). 