home |  Cyber Cafe | ZedCA | Tally  |  PC Mall |  CDev | Coffee Shop | CyberGym
Articles
Sorry, your browser doesn't support Java(tm).
           Company Profile | Company News & events | FAQ | Site Map | Contact
© Copyright 2000-2001. Cyber Cafe All Rights Reserved.
e-Tutorials
Website review
Health care
Tech help
Services
Hardware review
News & Events
Home
IT News
Software review
Person of the Week
E-mail
Web Hosting
Online Chat
Domain Registration
Download
Our Location
Hot articles
Other Cyber site
Ask the experts
Today's Tips & Quiz
Website Design
Cool Tools
            
Course from Carnegie Technology Education, Carnegie Melon University, Pittsburgh-USA.
      
     
Hot Articles...
Home / Articles
Todays Article
No Safety in Numbers
As business moves online, the web is becoming more and more of a marketplace. It's a place where vendors and buyers meet to interact. Online transactions are now a normal, accepted part of life: You can auction unwanted goods, find a long-lost friend, get an education, keep up with your favorite sports teams... A business that doesn't have a web presence is practically unheard-of these days. Obviously, this provides a fertile playground for malfeasants to wreak havoc. Even the U.S. government computers are not immune. The White House web site was recently defaced, and the Department of Justice hijacking is legendary. There were more than 15,000 reported cases of break-ins and data alterations in the year 2000, and the rate of break-ins has been increasing exponentially. According to http://defaced.alldas.de/, we're on track for more than 50,000 web site defacements this year. Interestingly, an increasing number of break-ins originate in foreign countries. Some of the well-known hacked sites include those of the U.S. Army, Air Force, and Navy; NASA; the Department of the Treasury; and the IRS. In fact, most organization have a strong incentive to immediately cover up any hijacking incident and to keep them as quiet as possible, in order to maintain customer confidence. So, in reality, the numbers may be much higher than those mentioned above. Security experts are clamoring to come up with ways of countering all of these attacks. This article looks at a new technique that offers some promise.
No Web Server Is Unbreakable
When you think of protecting a web site, you might typically consider protecting the web server machine, using intrusion-detection techniques, and utilizing firewalls and other access-control mechanisms. While all of these protections are important, no web server is unbreakable. By nature, web servers are large, complex beasts. They run CGI scripts that often lead to compromise, and often there are many user accounts in which users can post their own content, including scripts. The best way to protect a web server from compromise is to hire a top-notch administrator who watches the server closely. The administrator should keep a close eye on access patterns and monitor the logs carefully. Of course, when all is said and done, if hackers want to get in, they will. It's just a matter of how quickly you notice it. In addition, attacks may come from insiders with legitimate access to the web servers.