|  | The Web security isn't always the main concern of Web site owners. It should be, in
particular when the web site manages data from its visitors or customers or if there is a possible
illicit use of the web site's data. The below information is technical. It is intended for System Administrators, Network
Administrators and Webmasters. This article must be considered as a check list. It isn't intended
to be exhaustive. We focus on vulnerabilities, general information, intrusion detection and web
security, network security, security architecture, Qmail et Sendmail modules, CGI. We give some
links to good specialized knowledge sources.
Avoiding security flaws To avoid security flaws, we must know it. So the first step is to
identify the risks. Then we must try to anticipate the possible risks in a given context. By
context, we intend both the technical context and the commercial and competitive background. Knowledge sources on vulnerabilities - Top 20 vulnerabilities of servers and networksby SANS Institute. As well as
many quality resources: publications to download, news and training. English.
- Top 20 http://www.sans.org/top20/
- Simplelogic, a developer commercial Web site, offers many fine resources: information and code
download as well. English.
- http://www.simplelogic.com/
- Resources http://www.simplelogic.com/Resources.html
- A database for searching a vulnerability by software and OS, or find
advice. It is also possible to submit a contribution. English.
- Search http://www.net-security.org/vuln_main.php
- Advice http://www.net-security.org/advi_main.php
- Contribute http://www.net-security.org/contribute.php
| |
| | |
ModSecurity ModSecurity is an open source intrusion detection and
prevention engine for web applications. Operating as an Apache Web server module, the purpose of
ModSecurity is to increase web application security, protecting web applications from known and
unknown attacks. ModSecurity is dual licensed. It is freely available for general use under the GNU
General Public License. Alternatively, it is available under a license suitable for distribution in
closed-source commercial systems. http://www.modsecurity.org, English. The Web site ModSecurity also offers a portal with relevant resources focusing on Web
security http://www.modsecurity.org/db/resources/,
English. Network security - Networks security: networking.webopedia is a good technical portal offering resources focusing
on networks security. English.
- http://networking.webopedia.com/TERM/s/security.html
See our detailed article on Network
security - WiFi networks security Kaspersky Lab latest report on wifi
security.
- http://www.viruslist.com/
See also our detailed column on Network
security Security architecture - Security architecture : a pretty good technical resources offered by securit: security
architecture, security of services, OS security, networks security, PKI and cryptography,
organization and regulations. French.
- http://securit.free.fr/ressources.htm
Spam as a source of vulnerability - Anti-spam tips Web site offers advice to prevent spam with Qmail and Sendmail. English
- http://www.anti-spam-tips.com/
See our detailed columns on Spam and
Anti-Spam The CGI as a source of vulnerability - The CGI may be a source of vulnerability for a Web site.
- Cgisecurity describes and discusses Web vulnerabilities related
to the use of CGI. English.
- http://www.cgisecurity.com/pen-test/
- FAQ http://www.cgisecurity.com/faq.shtml
Monitoring your website is a must - Website monitoring services to ensure that the website is available and performs adequately
from various regions Worldwide. Problems are notified via email, phone, SMS, AIM, Yahoo!, MSN, ICQ,
Pager. Online check tool. Reporting and control panel. 30 days free trial.
- http://www.alertra.com/
To search our web sites use the box below
To search for an exact phrase, put it in double quotes For a Web search, use our
Search
page.
| | |
| | |
Linking to this page
- Choose the link that suit your needs and copy it to your page.
- Any HTML or XHTML page, Open in same
window
- Web security, servers and CGI Security, i.S.k.i.v. Ltd
- HTML and HTML 4 transitional, Open in
new window, "target=_blank"
- Web security, servers and CGI Security, i.S.k.i.v. Ltd
- HTML 4 or XHTML strict + Javascript, Open in new window, "rel=external"
- Web security, servers and CGI Security, i.S.k.i.v. Ltd
- Policy -
Partnership -
Message -
Request - Sitemap -
Copyright -
Contact
- i.S.k.i.v. Ltd eBusiness solutions & services: http://www.iskiv.net/
- This page :
http://www.iskiv.net/sec/en/web.security.html
- All rights reserved © Information Strategies Key Intangible Value
Limited
- London 2005 Newcastle on Clun 2008
- Web security, servers and CGI Security, i.S.k.i.v. Ltd
| | |
