Web Server Security - PowerPoint PPT Presentation
Title:
Web Server Security
Description:
Web Server Security By Michael Huang Web Server Security - Background Experts gets hacked (AOL, MSN, FBI, CIA, etc ) Loss of Trade Secrets, Company Embarrassment ... – PowerPoint PPT presentation
Number of Views:34
Avg rating:3.0/5.0
Title: Web Server Security
1
Web Server Security
- By Michael Huang
2
Web Server Security - Background
- Experts gets hacked
- (AOL, MSN, FBI, CIA, etc)
- Loss of Trade Secrets, Company Embarrassment,
Compromise of Clients Personal Information - Fallacy- firewall will protect web server
- Computer-illiterate people can hack a web server
- Absolute Security Impossible
- Basic guidelines to deter amateurs
3
Web Server Security-Basic Guidelines
- isolate/off-network hosting
- manage accounts/passwords
- employees are biggest risk
- remote password guessing tools (brutus, crack)
- keep it patched
- new patches every few days, be proactive
- limit access not a workstation
- email, aim, irc, ftp/telnet/ssh etc
- serve safe code
- code abuse
4
Web Server Security-Hacking 101
- Cookbook Hacking
- Determine server or operating system software
- Learn exploit from hacking site/forum
- Hack server
- Demo
5
Web Server Security-Hacking 101
- Attacking Web Forms
- Find a web form (search for login.asp)
- Check for vulnerability
- Enter basic SQL (standard query language)
commands to delete database - Demo
