The home page of United States Department of Justice Was hacked on

August 17, 1996

WWW Security Degui CaoID: 100361

Professor: M. Anvari

Southeastern University

Fall 2000

1. Introduction

• World Wide Web (WWW)

• Web server faces three security risks: • Bugs or misconfiguration problems

• Browser-side risks

• Interception • Hacker definition

2. Comparison of two basic OS

• Unix System• Windows NT system

3. Security problems With NT and Unix

• Security problems with NT• Security problems with Unix

4. Security problems in software of WWW

• CGI• JAVA• JAVA Script

5. Procedures taken on www security • File and file systems administration• Ownership: user, group, other• Permission: read, write, execute• ls: attributes of the file and directory • drwxrwxrwx www• chmod: change the mode• Firewall• •

Fig1. Firewall/proxy server

• Types of fire walls • Screening routers• Proxy server gateway• Stateful inspection technique• Firewall policy• Basic strategies defining firewall policy• Default permit and Default deny• Often firewall policies

Fig2. Screening router & Fig3. Proxy server

6. Conclusions

• Set up a good secure policy

7. Reference

• http://www.sddt.com/files/

• http://www.apache.org/

• http://hacke.infinit.se/

• http://www.microsoft.com/security/