Web site security logo

This 'web site security logo' article is supplied by Web Site Security, where you can find more information about web site security logo.

Web Site Security Issues - An Assessment



An unfortunate fact is that there are several ways in which web site security can be adversely affected. Security risks exist which impinge on Web servers and LANs (local area networks) on which Web sites are hosted, even by the ordinary use of a Web browser.

Web Masters bear the brunt when handling the critical risks. As soon as a Web server is set up at a site, a window is made in the local area network through which anyone who's on the Internet can peek. Of course, nearly all website visitors see no more than what they're supposed to see, but some of them try to find areas of the site that are not designed to be perceptible to the general public. Malicious visitors wish to go further than simply look; they attempt to open the window and creep in. The damage they could cause might be sheer vandalism, such as changing the web site's home page with theirs that could say or put on view anything at all, or else it might be burglary, such as stealing a contacts or orders list.

It is hard to avoid the virtual certainty that intricate software contains bugs. No matter how systematically it's tested, there's typically a particular combination of events or user actions, though it might be rare, that brings about a fault. Software bugs cause gaps in system security. A Web server is convoluted software that may quite probably include a security weakness.

It's not just the intricacy of a Web server which can produce a problem, but also its open architecture. Consider a CGI script as an illustration. A CGI script may be processed at the server in reply to a remote call from a client. This might be a request from an application or even the click of a button in a browser. If the CGI script has a bug, there will be a risk of a security violation.

Network Administrators also have to cope with problems from Web servers because of the risk they pose to the security of the local area network. Despite the fact that there must be no unauthorized incursions, admission has to be given to web site visitors. This means that access to the network has to be controlled. The Administrator therefore has to perform a delicate balancing act. Even the most sturdy firewall can be compromised if the Web server is configured poorly. By the same token, normal use of the website can be unattainable if the firewall is configured badly. Reaching a model answer is yet more tricky if an intranet forms a constituent of the system. Normally, the Web server then needs to be configured to distinguish and authenticate domains and user groups, which are apt to have varying permission levels and access privileges.

Suggestion: For advice in relation to a particular feature of web site security, for instance "web site security logo", look for the full expression on the Internet.

Nearly everybody using a browser to surf the Net think that they're doing so in secret and in safety. It is not the case. Web browsers can execute self-contained software on the user's machine which are resident on a website. Modern browsers display a notice and ask permission to run those programs. Known commonly as "active content", e.g., ActiveX controls or Java applets, these programs, if malicious, could easily install a virus or other dangerous software on the browser user's machine. Once it is in the system it can inflict all kinds of catastrophe and may be very problematical to get rid of.

This is also a worry for Network Administrators. Web browsers offer a route for potentially malicious software to seep through the local area network's firewall. Once it is in the system, the harm it can cause can extend from furtively appropriating private data to wanton spoliation.

Apart from the matters to do with active content, merely surfing the Internet records a trail of the user's activities in the browser's history. This might be used by web sites and installed software to determine an accurate report of the user's behaviour and preferences. Though this may be unacceptable as an invasion of privacy by some people, it can be useful by providing applicable content directly, thus exonerating the user of the task of searching for it.

Confidentiality is a subject that worries not only browser users but also Web Masters and Network Administrators in the actual transmission of information by means of the Net. TCP/IP (Transmission Control Protocol/Internet Protocol) is the basic language of communication for the Net. When it was created, security was not the most important aspect of its design. Both network and Internet transmissions should therefore not be considered as automatically confidential. Any time the browser on a local machine downloads a private document from the remote Web server, or the browser user fills in a form with private information and clicks the 'Submit' button, the transmitted data may be intercepted without authorization.

To find out more about 'web site security logo', visit website-security.biz.