General Concerns on WWW Security

1
General Concerns on WWW Security

• Name Huaying Chen
• ID 104714
• Instructor Dr Mort Anvari

2
What security risks?

• Bugs or misconfiguration problems in the Web
  servers
• Browser-side risks
• Network eavesdropping

3
Problems with specific servers

• 1. Windows NT servers
• 2. Unix server Netscape servers
• 3. Macintosh server WebStar

4
Are there secure OS Web servers?

• NO
• Some OS are more secure to use as platforms for
  Web than others
• Some Web server software programs are more secure
  than others
• Conclusion More extensibility, less security

5
Running a Secure server

• 1. Build firewalls
• place the Server INSIDE the firewall
• place the Server OUTSIDE the firewall
• -----use the Server as the sacrificial lamb to
  protect the entire inner network

6
Server INSIDE the firewall

• other hosts
• Server FIREWALL OUTSIDE
• other hosts

7
Server OUTSIDE the firewall

• other hosts
• other hosts firewall server OUTSIDE
• other hosts

8
Server side Security

• Enforce access restrictions
• a. By IP address or domain name
• b. By user name password
• c. Encryption using public key cryptography

9
Client side Security

• a. Clear cache of your browser after visiting
  secure sites
• b. Improving password
• c. Make backup copies of important files

10
Password confidentiality

• 1. Combine characters with numbers
• 2. Change password regularly
• 3. Use a unique password of reach system
• 4. Dont write down password
• 5. Dont store password on the computer

11
Summary

• No computer OS is completely secure. As a result,
  the joint effort of the Web servers and the
  clients are required to make the system
  increasingly difficult to be compromised.