The home page of United States Department of Justice Was hacked on
August 17, 1996
WWW Security Degui CaoID: 100361
Professor: M. Anvari
Southeastern University
Fall 2000
1. Introduction
• World Wide Web (WWW)
• Web server faces three security risks: • Bugs or misconfiguration problems
• Browser-side risks
• Interception • Hacker definition
2. Comparison of two basic OS
• Unix System• Windows NT system
3. Security problems With NT and Unix
• Security problems with NT• Security problems with Unix
4. Security problems in software of WWW
• CGI• JAVA• JAVA Script
5. Procedures taken on www security • File and file systems administration• Ownership: user, group, other• Permission: read, write, execute• ls: attributes of the file and directory • drwxrwxrwx www• chmod: change the mode• Firewall• •
Fig1. Firewall/proxy server
• Types of fire walls • Screening routers• Proxy server gateway• Stateful inspection technique• Firewall policy• Basic strategies defining firewall policy• Default permit and Default deny• Often firewall policies
Fig2. Screening router & Fig3. Proxy server
6. Conclusions
• Set up a good secure policy
7. Reference
• http://www.sddt.com/files/
• http://www.apache.org/
• http://hacke.infinit.se/
• http://www.microsoft.com/security/