Presentation is loading. Please wait.

Presentation is loading. Please wait.

Web Server Security By Michael Huang. Web Server Security - Background Experts gets hacked (AOL, MSN, FBI, CIA, etc…) Loss of Trade Secrets, Company Embarrassment,

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Web Server Security By Michael Huang. Web Server Security - Background Experts gets hacked (AOL, MSN, FBI, CIA, etc…) Loss of Trade Secrets, Company Embarrassment,"— Presentation transcript:

1 Web Server Security By Michael Huang

2 Web Server Security - Background Experts gets hacked (AOL, MSN, FBI, CIA, etc…) Loss of Trade Secrets, Company Embarrassment, Compromise of Client’s Personal Information Fallacy- firewall will protect web server Computer-illiterate people can hack a web server Absolute Security Impossible Basic guidelines to deter amateurs

3 Web Server Security- Basic Guidelines  isolate/off-network hosting  manage accounts/passwords employees are biggest risk remote password guessing tools (brutus, crack)  keep it patched new patches every few days, be proactive  limit access – not a workstation email, aim, irc, ftp/telnet/ssh etc  serve safe code code abuse

4 Web Server Security- Hacking 101  Cookbook Hacking Determine server or operating system software Learn exploit from hacking site/forum Hack server Demo

5 Web Server Security- Hacking 101  Attacking Web Forms Find a web form (search for login.asp) Check for vulnerability Enter basic SQL (standard query language) commands to delete database Demo

Download ppt "Web Server Security By Michael Huang. Web Server Security - Background Experts gets hacked (AOL, MSN, FBI, CIA, etc…) Loss of Trade Secrets, Company Embarrassment,"

Similar presentations

Network Security Attack Analysis. cs490ns - cotter2 Outline Types of Attacks Vulnerabilities Exploited Network Attack Phases Attack Detection Tools.

Network Security Attack Analysis. cs490ns - cotter2 Outline Types of Attacks Vulnerabilities Exploited Network Attack Phases Attack Detection Tools.
Protection from Internet Theft By James Seegars. What Is Hacking? Definition – A)To change or alter(Computer Program) – B) To gain access to (a computer.

Protection from Internet Theft By James Seegars. What Is Hacking? Definition – A)To change or alter(Computer Program) – B) To gain access to (a computer.
Hackers, Crackers, and Network Intruders: Heroes, villains, or delinquents? Tim McLaren Thursday, September 28, 2000 McMaster University.

Hackers, Crackers, and Network Intruders: Heroes, villains, or delinquents? Tim McLaren Thursday, September 28, 2000 McMaster University.
-Ajay Babu.D y5cs022.. Contents Who is hacker? History of hacking Types of hacking Do You Know? What do hackers do? - Some Examples on Web application.

-Ajay Babu.D y5cs022.. Contents Who is hacker? History of hacking Types of hacking Do You Know? What do hackers do? - Some Examples on Web application.
Cryptography and Network Security Chapter 20 Intruders

Cryptography and Network Security Chapter 20 Intruders
Introduction The concept of “SQL Injection”

Introduction The concept of “SQL Injection”
Vulnerability Analysis Borrowed from the CLICS group.

Vulnerability Analysis Borrowed from the CLICS group.
CSCI 530L Vulnerability Assessment. Process of identifying vulnerabilities that exist in a computer system Has many similarities to risk assessment Four.

CSCI 530L Vulnerability Assessment. Process of identifying vulnerabilities that exist in a computer system Has many similarities to risk assessment Four.
Lesson 14-Desktop Protection. Overview Protect against malicious code. Use the Internet. Protect against physical tampering.

Lesson 14-Desktop Protection. Overview Protect against malicious code. Use the Internet. Protect against physical tampering.
Database Connectivity Rose-Hulman Institute of Technology Curt Clifton.

Database Connectivity Rose-Hulman Institute of Technology Curt Clifton.
Final Project Review Team Tessier Brandon Thorpe Michael Shusta Telin Kim Lucas Root.

Final Project Review Team Tessier Brandon Thorpe Michael Shusta Telin Kim Lucas Root.
Web server security Dr Jim Briggs WEBP security1.

Web server security Dr Jim Briggs WEBP security1.
Assessing the Threat How much money is lost due to cyber crimes? –Estimates range from $100 million to $100s billions –Why the discrepancy? Companies don’t.

Assessing the Threat How much money is lost due to cyber crimes? –Estimates range from $100 million to $100s billions –Why the discrepancy? Companies don’t.
Patching MIT SUS Services IS&T Network Infrastructure Services Team.

Patching MIT SUS Services IS&T Network Infrastructure Services Team.
Network Security and Personally Managed Computers Jordan K. Wiens Copyright Jordan K. Wiens 2004.

Network Security and Personally Managed Computers Jordan K. Wiens Copyright Jordan K. Wiens 2004.
SQL-Injection attacks Damir Lizdek & Dan Rundlöf Language-based security.

SQL-Injection attacks Damir Lizdek & Dan Rundlöf Language-based security.
SiteLock Internet Security: Big Threats for Small Business.

SiteLock Internet Security: Big Threats for Small Business.
Internet Relay Chat Chandrea Dungy Derek Garrett #29.

Internet Relay Chat Chandrea Dungy Derek Garrett #29.
Adversaries in Clouds: Protecting Data in Cloud-Based Applications Nick Feamster Georgia Tech.

Adversaries in Clouds: Protecting Data in Cloud-Based Applications Nick Feamster Georgia Tech.
Project Implementation for COSC 5050 Distributed Database Applications Lab1.

Project Implementation for COSC 5050 Distributed Database Applications Lab1.

Similar presentations

Ads by Google