Test web site security

This 'test web site security' article is supplied by Web Site Security, where you can find more information about test web site security.

Web Site Security Concerns - An Assessment



Unfortunately, there are many ways in which website security can be circumvented. For example, security hazards exist that affect Web servers and the LANs (local area networks) on which Web sites reside, and they can arise even through the conventional use of a Web browser.

Web Masters bear the brunt of the gravest challenges. As soon as a Web server is installed at a site, a window is opened in the local area network through which anyone using the Internet can peep. As a rule, website visitors see no more than what they are meant to look at, but a small number attempt to uncover areas of the site that are not designed to be visible to the rest of the world. Unscrupulous visitors mean to go further than merely looking; they try to unfasten the window and slip inside. The harm intruders cause might be sheer vandalism, for example replacing the web site's home page with one of their own, which could say or show absolutely anything at all, or it could be burglary, such as stealing a customer or order list.

It is hard to avoid the virtual certainty that complex software contains bugs. Regardless of how thoroughly it is tested, there will generally be some particular combination of events or user actions that, however infrequently it occurs, causes an error. Software bugs create flaws in system security. A Web server is complex software and can quite easily contain a security hole.

It is not just the intricacy of a Web server that can create a problem, but also its open architecture. Consider a CGI script as an illustration. A CGI script runs on the server in reply to a remote call from a client. This could be a request from a program or even the click of a button in a browser. If the CGI script has a bug, there is a risk of a security breach.
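As an added illustration (not code from the original article), this Python sketch shows one common kind of CGI bug next to its fix: a script that serves the file named in its query string. The `page` parameter, the `htdocs` directory and the `orders.csv` file are constructed for the example.

```python
import os
import tempfile
from urllib.parse import parse_qs

def requested_name(query_string):
    """Read the 'page' parameter as a CGI script would from QUERY_STRING."""
    return parse_qs(query_string).get("page", [""])[0]

def resolve_buggy(doc_root, query_string):
    # Bug: the client-supplied name is joined to the document root unchecked,
    # so "../" sequences walk out of the directory the script should serve.
    return os.path.normpath(os.path.join(doc_root, requested_name(query_string)))

def resolve_checked(doc_root, query_string):
    # Fix: canonicalise both paths, then require the result to stay in doc_root.
    root = os.path.realpath(doc_root)
    target = os.path.realpath(os.path.join(root, requested_name(query_string)))
    if os.path.commonpath([root, target]) != root or not os.path.isfile(target):
        return None  # the script should answer 404 instead of reading the file
    return target

def demo():
    """Build a constructed site layout and compare both resolvers."""
    with tempfile.TemporaryDirectory() as base:
        real_base = os.path.realpath(base)
        doc_root = os.path.join(base, "htdocs")
        os.mkdir(doc_root)
        # index.html is public; orders.csv is private and sits outside htdocs.
        for path in (os.path.join(doc_root, "index.html"),
                     os.path.join(base, "orders.csv")):
            with open(path, "w") as fh:
                fh.write("constructed sample\n")
        results = {}
        for label, qs in (("normal", "page=index.html"),
                          ("escape", "page=../orders.csv")):
            buggy = resolve_buggy(doc_root, qs)
            checked = resolve_checked(doc_root, qs)
            results[label] = (
                os.path.relpath(buggy, base),
                None if checked is None else os.path.relpath(checked, real_base),
            )
        return results

if __name__ == "__main__":
    for label, pair in demo().items():
        print(label, pair)
```

Both resolvers agree on the ordinary request; only the checked one refuses the request that would leave the document root.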

Network Administrators also face problems from Web servers because of the threat they pose to the security of the local area network. While there must be no unauthorized intrusions, admittance has to be granted to web site visitors. This means that access to the network must be regulated, so the Administrator has to perform a delicate balancing act. Even the most robust firewall may be compromised if the Web server is configured badly. By the same token, normal use of the web site may be impossible if the firewall is configured poorly. Striking the right balance is harder still if an intranet is part of the system. In that case the Web server must usually be configured to recognise and authenticate domains and user groups, which are likely to have differing permission levels and access privileges.


Nearly everybody using a browser to surf the Web supposes that they are doing it in secret and in safety. It is not so. Web browsers may execute, on the client computer, autonomous software programs that are hosted by a website. Modern browsers display a warning and request consent before executing such programs. Commonly known as "active content", e.g., ActiveX controls or Java applets, these programs, if malicious, may easily place a virus or other hazardous software on the browser user's computer. Once it is in the system, it can inflict all kinds of damage and may be exceedingly tough to remove.

This is also a worry for Network Administrators. Web browsers provide a way for possibly malicious software to pass through the local area network's firewall. Once it is in the system, the damage it can inflict ranges from covertly stealing sensitive data to senseless destruction.

Aside from the issues concerning active content, merely surfing the Net leaves a trail of the user's activities in the browser's history. This might be used by web sites and installed software programs to build a precise picture of the user's behavior and preferences. Although some people consider this an invasion of privacy, it can be useful for displaying relevant content at once, relieving the user of the chore of searching for it.

Secrecy during the actual transmission of data via the Net is a topic that worries not only browser users but also Web Masters and Network Administrators. TCP/IP (Transmission Control Protocol/Internet Protocol) is the basic language of communication for the Net. When it was created, security was not the most significant aspect of its design. Both network and Internet transmissions should therefore not be thought of as necessarily confidential. Whenever the browser on a local computer downloads a private file from the remote Web server, or the browser user fills out a form with personal data and clicks the 'Submit' button, the transmitted information might be intercepted without authorisation.

To find out more about 'test web site security', visit website-security.biz.