Web site security concerns

This 'web site security concerns' article is supplied by Web Site Security, where you can find more information about web site security concerns.

An Examination of Website Security Concerns



An unfortunate fact is that there are several ways in which web site security can be undermined. For example, security hazards are ever present which can affect Web servers and LANs (local area networks) on which Websites are located, even by the customary use of a Web browser.

Web Masters shoulder the responsibility when coping with the most severe risks. As soon as a Web server is set up at a site, a porthole is made in the local area network through which anyone who is using the Internet can peep. Naturally, on the whole website visitors see only what they are supposed to see, but a few of them try to locate parts of the site that aren't meant to be visible to all and sundry. Iniquitous visitors mean to do other than just look; they make an effort to unfasten the window and slither inside. The harm they could cause might be sheer vandalism, such as changing the website's home page with theirs that might say or show anything at all, or else it might be larceny, like stealing a contacts or orders list.

It's hard to avoid the probability that intricate software contains bugs. No matter how scrupulously it's tested, there is as a rule a certain combination of events or user actions, though it might be infrequent, which brings about a failure. Computer software bugs create holes in system security. A Web server is intricate software that can quite likely contain a security fault.

It's not merely the complexity of a Web server that may trigger a glitch, but also its open architecture. Consider a CGI script as a case in point. A CGI script may be executed at the server in answer to a remote request from a client. This could be a request from a program or even the click of a button in a browser. If the CGI script contains a bug, there could be a chance of a security violation.

Network Administrators also have to deal with problems from Web servers due to the risk they pose to the security of the local area network. While there should be no unauthorized intrusions, access must be granted to web site visitors. This means that access to the network must be controlled. The Administrator therefore must perform a delicate balancing act. Even the most robust firewall can be undermined if the Web server is configured poorly. Bearing that in mind, normal use of the website may be not possible if the firewall is configured badly. Reaching a model answer is yet more complicated if an intranet forms part of the system. Typically, the Web server in that case needs to be configured to recognise and authenticate domains and user groups, which are likely to have differing permission levels and access privileges.

Suggestion: For information on a detailed feature of web site security, e.g. "web site security concerns", look for the complete phrase on the Net.

Almost anyone using a browser to surf the Net believe that they are doing it in secret and safely. This is not the case. Web browsers may run autonomous software on the local computer that are hosted by a web site. Current browsers display a notice and request authorization to run such programs. Described commonly as "active content", e.g., ActiveX controls or Java applets, these programs, if malicious, can easily inject a virus or other hazardous software on the browser user's machine. Once it is in the system it can inflict all kinds of damage and may be exceedingly problematical to get rid of.

This is also a worry for Network Administrators. Web browsers present a route for possibly malicious software to seep through the local area network's firewall. After it is in the network, the damage it may cause can go from covertly gaining possession of sensitive data to willful carnage.

Aside from the issues to do with active content, merely surfing the Internet leaves a trail of the user's activities in the browser's history. This can be used by websites and installed software to ascertain an exact profile of the user's behavior and interests. While this may be frowned upon as an invasion of privacy by some, it can be helpful by displaying related content right away, so exonerating the user of the task of trying to find it.

Privacy is a topic that concerns not just browser users but also Web Masters and Network Administrators in the actual transmission of information by means of the Internet. TCP/IP (Transmission Control Protocol/Internet Protocol) is the basic language of communication for the Net. When it was formed, security was not the principal aspect of its blueprint. Both network and Internet transmissions should therefore not be thought of as as automatically private. Each time the browser on a local machine downloads a private file from the remote Web server, or the browser user completes a form with confidential information and clicks the 'Submit' button, the transmitted information may be intercepted without authorization.

To find out more about 'web site security concerns', visit website-security.biz.