Trusted web site security warning

This 'trusted web site security warning' article is supplied by Web Site Security, where you can find more information about trusted web site security warning.

An Assessment of Web Site Security Issues



Unfortunately, there are a lot of ways in which website security can be compromised. For example, security hazards lurk insidiously that impinge on Web servers and LANs (local area networks) on which Web sites are located, even by the customary use of a Web browser.

Web Masters are in the front line when dealing with the gravest threats. As soon as a Web server is installed at a site, a window materialises in the local area network through which anyone who is using the Internet can peek. Naturally, most web site visitors see only what they are supposed to see, but a minority attempt to discover elements of the site which are not meant to be visible to the general public. Dishonest visitors would like to do other than just look; they make an effort to unbolt the window and sneak through. The harm intruders could inflict might be sheer vandalism, for instance replacing the website's home page with one of their own that could say or show anything, or else it might be theft, such as gaining possession of a customers or sales list.

It is hard to escape the virtual certainty that convoluted computer software includes bugs. Regardless of how painstakingly it's tested, there will be typically a particular combination of events or user actions, although it may appear hardly ever, which creates a failure. Computer software bugs give rise to breaches in system security. A Web server is intricate software which can very likely contain a security flaw.

It's not only the intricacy of a Web server that may create a problem, but also its open architecture. Consider a CGI script as an illustration. A CGI script may be run at the server in reply to a remote request from a client. This could be a request from a program or even the click of a button in a browser. If the CGI script has a bug, there will be a chance of a security breach.

Network Administrators also have to deal with problems from Web servers on account of the danger they pose to the security of the local area network. Although there must be no unauthorized intrusions, admission has to be granted to website visitors. This means that access to the network must be regulated. The Administrator therefore has to perform a delicate balancing act. Even the most sturdy firewall may be compromised if the Web server is configured poorly. By the same token, normal use of the web site can be impossible if the firewall is configured poorly. Attaining an ideal answer is still more difficult if an intranet exists as an element of the system. Normally, the Web server in that case has to be configured to distinguish and verify domains and user groups, which are apt to have varying permission levels and access privileges.

Tip: For advice about a specialized view of website security, something like "trusted web site security warning", search for the complete phrase on the Web.

Almost all people using a browser to surf the Web trust that they're doing it secretly and safely. It is not so. Web browsers may execute autonomous programs on the user's machine which are resident on a website. Current browsers display a notice and ask authorisation to execute those programs. Known generally as "active content", e.g., ActiveX controls or Java applets, these programs, if malicious, may easily deposit a virus or other dangerous software on the browser user's machine. As soon as it's in the system it can inflict all kinds of havoc and can be exceedingly difficult to delete.

This is also a worry for Network Administrators. Web browsers supply a route for potentially malicious software to seep all the way through the local area network's firewall. When it is in the system, the damage it could inflict can stretch from surreptitiously appropriating private information to motiveless spoliation.

Aside from the issues involving active content, just surfing the Internet leaves a trail of the user's activities in the browser's history. This may be utilised by websites and installed software to establish a precise report of the user's behavior and preferences. While this may be unacceptable as an invasion of privacy by some people, it can be positively effective by showing relevant content immediately, thus exonerating the user of the job of trying to find it.

Secrecy is a topic that worries not only browser users but also Web Masters and Network Administrators in the actual transmission of information via the Web. TCP/IP (Transmission Control Protocol/Internet Protocol) is the basic language of communication for the Net. When it was created, security was not the principal aspect of its design. Both network and Internet transmissions should therefore not be considered as essentially private. Each time the browser on a local computer downloads a sensitive file from the remote Web server, or the browser user completes a form with personal data and clicks the 'Submit' button, the transmitted information can be intercepted without authorization.

To find out more about 'trusted web site security warning', visit website-security.biz.