ISKIV Information Strategies Key Intangible Value Limited Internet security Design

Web security, servers and CGI Security
Web

The Web security isn't always the main concern of Web site owners. It should be, in particular when the web site manages data from its visitors or customers or if there is a possible illicit use of the web site's data.

The below information is technical. It is intended for System Administrators, Network Administrators and Webmasters. This article must be considered as a check list. It isn't intended to be exhaustive.

We focus on vulnerabilities, general information, intrusion detection and web security, network security, security architecture, Qmail et Sendmail modules, CGI. We give some links to good specialized knowledge sources.


Avoiding security flaws

To avoid security flaws, we must know it. So the first step is to identify the risks. Then we must try to anticipate the possible risks in a given context. By context, we intend both the technical context and the commercial and competitive background.

Knowledge sources on vulnerabilities

Top 20 vulnerabilities of servers and networksby SANS Institute. As well as many quality resources: publications to download, news and training. English.
Top 20 http://www.sans.org/top20/
Simplelogic, a developer commercial Web site, offers many fine resources: information and code download as well. English.
http://www.simplelogic.com/
Resources http://www.simplelogic.com/Resources.html
A database for searching a vulnerability by software and OS, or find advice. It is also possible to submit a contribution. English.
Search http://www.net-security.org/vuln_main.php
Advice http://www.net-security.org/advi_main.php
Contribute http://www.net-security.org/contribute.php

== Top of the page

  
Internet security
Survival Kit PC
Networked PCs
Data security
Data privacy
Security portal

Home eBusiness
eBusiness design
Marketing
Optimization
Expert tools
eBusiness help
Working with us

Version française

Quick search
Sitemap
Link to us

 

ModSecurity

ModSecurity is an open source intrusion detection and prevention engine for web applications. Operating as an Apache Web server module, the purpose of ModSecurity is to increase web application security, protecting web applications from known and unknown attacks. ModSecurity is dual licensed. It is freely available for general use under the GNU General Public License. Alternatively, it is available under a license suitable for distribution in closed-source commercial systems. http://www.modsecurity.org, English.

The Web site ModSecurity also offers a portal with relevant resources focusing on Web security http://www.modsecurity.org/db/resources/, English.

Network security

Networks security: networking.webopedia is a good technical portal offering resources focusing on networks security. English.
http://networking.webopedia.com/TERM/s/security.html

See our detailed article on Network security

WiFi networks security Kaspersky Lab latest report on wifi security.
http://www.viruslist.com/

See also our detailed column on Network security

Security architecture

Security architecture : a pretty good technical resources offered by securit: security architecture, security of services, OS security, networks security, PKI and cryptography, organization and regulations. French.
http://securit.free.fr/ressources.htm

Spam as a source of vulnerability

Anti-spam tips Web site offers advice to prevent spam with Qmail and Sendmail. English
http://www.anti-spam-tips.com/

See our detailed columns on Spam and Anti-Spam

The CGI as a source of vulnerability

The CGI may be a source of vulnerability for a Web site.
Cgisecurity describes and discusses Web vulnerabilities related to the use of CGI. English.
http://www.cgisecurity.com/pen-test/
FAQ http://www.cgisecurity.com/faq.shtml

Monitoring your website is a must

Website monitoring services to ensure that the website is available and performs adequately from various regions Worldwide. Problems are notified via email, phone, SMS, AIM, Yahoo!, MSN, ICQ, Pager. Online check tool. Reporting and control panel. 30 days free trial.
http://www.alertra.com/

== Top of the page

To search our web sites use the box below
To search for an exact phrase, put it in double quotes

For a Web search, use our Search page.


 		    
         
   

Linking to this page

Choose the link that suit your needs and copy it to your page.
Any HTML or XHTML page, Open in same window
Web security, servers and CGI Security, i.S.k.i.v. Ltd
HTML and HTML 4 transitional, Open in new window, "target=_blank"
Web security, servers and CGI Security, i.S.k.i.v. Ltd
HTML 4 or XHTML strict + Javascript, Open in new window, "rel=external"
Web security, servers and CGI Security, i.S.k.i.v. Ltd
Policy - Partnership - Message - Request - Sitemap - Copyright - Contact
i.S.k.i.v. Ltd eBusiness solutions & services: http://www.iskiv.net/
This page : http://www.iskiv.net/sec/en/web.security.html
All rights reserved © Information Strategies Key Intangible Value Limited
London 2005 Newcastle on Clun 2012
Web security, servers and CGI Security, i.S.k.i.v. Ltd