Guidelines on Securing Public Web Servers - National Istitute of Standards and Techn - Books - Createspace - 9781502866264 - October 17, 2014
In case cover and title do not match, the title is correct

Guidelines on Securing Public Web Servers

Price
HK$ 157
excl. VAT

Ordered from remote warehouse

Expected to be ready for shipping Jul 29 - Aug 10
Get notified about new National Istitute of Standards and Techn releases
Add to your iMusic wish list

Not rated yet

Publisher Marketing: The World Wide Web (WWW) is a system for exchanging information over the Internet. At the most basic level, the Web can be divided into two principal components: Web servers, which are applications that make information available over the Internet (in essence, publish information), and Web browsers (clients), which are used to access and display the information stored on the Web servers. This document focuses on the security issues of Web servers. Unfortunately, Web servers are often the most targeted and attacked hosts on organizations' networks. As a result, it is essential to secure Web servers and the network infrastructure that supports them. The following are examples of specific security threats to Web servers: Malicious entities may exploit software bugs in the Web server, underlying operating system, or active content to gain unauthorized access to the Web server. Examples of this unauthorized access include gaining access to files or folders that were not meant to be publicly accessible (e.g., directory traversal attacks) and being able to execute commands and/or install software on the Web server. Denial of service (DoS) attacks may be directed to the Web server or its supporting network infrastructure, denying or hindering valid users from making use of its services. Sensitive information on the Web server may be read or modified without authorization. Sensitive information on backend databases that are used to support interactive elements of a Web application may be compromised through command injection attacks (e.g., Structured Query Language [SQL] injection, Lightweight Directory Access Protocol (LDAP) injection, cross-site scripting [XSS]). Sensitive information transmitted unencrypted between the Web server and the browser may be intercepted. Information on the Web server may be changed for malicious purposes. Web site defacement is a commonly reported example of this threat. Malicious entities may gain unauthorized access to resources elsewhere in the organization's network via a successful attack on the Web server. Malicious entities may attack external entities after compromising a Web server host. These attacks can be launched directly (e.g., from the compromised host against an external server) or indirectly (e.g., placing malicious content on the compromised Web server that attempts to exploit vulnerabilities in the Web browsers of users visiting the site). The server may be used as a distribution point for attack tools, pornography, or illegally copied software.

Media Books     Paperback Book   (Book with soft cover and glued back)
Released October 17, 2014
ISBN13 9781502866264
Publishers Createspace
Pages 136
Dimensions 216 × 279 × 7 mm   ·   331 g