the home page of united states department of justice was hacked on august 17, 1996

The home page of United States Department of Justice Was hacked on

August 17, 1996

WWW Security Degui CaoID: 100361

Professor: M. Anvari

Southeastern University

Fall 2000

1. Introduction

• World Wide Web (WWW)

• Web server faces three security risks: • Bugs or misconfiguration problems

• Browser-side risks

• Interception • Hacker definition

2. Comparison of two basic OS

• Unix System• Windows NT system

3. Security problems With NT and Unix

• Security problems with NT• Security problems with Unix

4. Security problems in software of WWW

• CGI• JAVA• JAVA Script

5. Procedures taken on www security • File and file systems administration• Ownership: user, group, other• Permission: read, write, execute• ls: attributes of the file and directory • drwxrwxrwx www• chmod: change the mode• Firewall• •

Fig1. Firewall/proxy server

• Types of fire walls • Screening routers• Proxy server gateway• Stateful inspection technique• Firewall policy• Basic strategies defining firewall policy• Default permit and Default deny• Often firewall policies

Fig2. Screening router & Fig3. Proxy server

6. Conclusions

• Set up a good secure policy

7. Reference

• http://www.sddt.com/files/

• http://www.apache.org/

• http://hacke.infinit.se/

• http://www.microsoft.com/security/