Network and website security issues

This 'network and website security issues' article is supplied by Web Site Security, where you can find more information about network and website security issues.

Website Security Considerations - An Assessment



It's unfortunate, but there are a lot of ways in which website security can be endangered. For example, security hazards lurk insidiously which affect Web servers and LANs (local area networks) on which Web sites reside, even by the routine use of a Web browser.

Web Masters bear the brunt when managing the most acute threats. As soon as a Web server is installed at a site, a window materialises in the local area network through which anyone who is using the Internet can peer. Obviously, for the most part website visitors look at only what they are meant to look at, but a small number of them make an effort to discover parts of the site which are not meant to be discernible by the general public. Malicious visitors wish to do more than merely look; they make an attempt to open the window and slither through. The damage they may cause might be mere vandalism, such as substituting the web site's home page with their own which could say or display absolutely anything at all, or it could be robbery, such as gaining possession of a customers or sales database.

It is hard to escape the probability that complex software contains bugs. Regardless of how painstakingly it is tested, there exists by and large a certain order of events or user actions, though it might be infrequent, which creates a fault. Software bugs create holes in system security. A Web server is complicated software which may very possibly include a security flaw.

It is not just the complexity of a Web server that can instigate a problem, but also its open architecture. Think about a CGI script as a case in point. A CGI script may be executed at the server in response to a remote call from a client. This could be a request from an application or even the click of a button in a browser. If the CGI script contains a bug, there is a chance of a security violation.

Network Administrators also have to deal with problems from Web servers because of the danger they pose to the security of the local area network. Despite the fact that there should be no unauthorised intrusions, right of entry must be given to web site visitors. This means that access to the network should be controlled. The Administrator therefore needs to perform a delicate balancing act. Even the most sturdy firewall may be undermined if the Web server is configured badly. Concomitant with this constraint, normal use of the web site can be not possible if the firewall is configured badly. Arriving at a perfect solution is still more tricky if an intranet is a constituent of the system. Usually, the Web server then must be configured to recognize and verify domains and user groups, which are apt to have differing permission levels and access rights.

Suggestion: For advice regarding a specialized facet of website security, e.g. "network and website security issues", look for the complete expression on the Internet.

The majority of people using a browser to surf the Internet believe that they are doing it anonymously and securely. It is not the case. Web browsers may execute autonomous software programs on the local computer that are resident on a website. Modern browsers show a notice and request authorisation to execute those programs. Identified commonly as "active content", e.g., ActiveX controls or Java applets, these programs, if malicious, might easily leave a virus or other dangerous software on the browser user's computer. After it is in the system it can wreak all kinds of havoc and can be very difficult to eliminate.

This is also a worry for Network Administrators. Web browsers make available a route for possibly malicious software to permeate all the way through the local area network's firewall. As soon as it is in the system, the harm it is able to cause can extend from furtively gaining possession of sensitive data to motiveless destruction.

Besides the concerns in re active content, just surfing the Web records a trail of the user's activities in the browser's history. This might be used by websites and installed software programs to ascertain an exact profile of the user's behavior and interests. Whereas this may be unacceptable as an invasion of privacy by some people, it can be constructive by providing germane content without delay, thus exonerating the user of the job of trying to find it.

Confidentiality is a problem that worries not only browser users but also Web Masters and Network Administrators in the actual transmission of data by means of the Internet. TCP/IP (Transmission Control Protocol/Internet Protocol) is the basic language of communication for the Net. When it was created, security wasn't the most crucial factor of its blueprint. Both network and Internet transmissions should therefore not be considered as essentially confidential. Every time the browser on a local PC downloads a confidential document from the remote Web server, or the browser user fills in a form with confidential information and clicks the 'Submit' button, the transmitted data can be intercepted without consent.

To find out more about 'network and website security issues', visit website-security.biz.