|
The servers we tested at the University of Wisconsin labs accommodate most forms of access control for individual Web pages. For example, Netscape Communications Corp. can control access with either an .htaccess file in the directory, or through special directives that can be configured in its Access Control administration page. The administrative page lets you put all of your access control information in a place. It's easier to manage than keeping track of the .htaccess files i
n every directory on the server.
Odd Places to Find Data
Not only can users have access to data they shouldn't have, server-based applications can run amuck. Make sure that you program Common Gateway Interface (CGI)-bin and Java applets intelligently. They are the major source of security holes in most systems. Make sure your CGI scripts only accept data they are supposed to accept, and be careful when "shelling out" to other local programs on your server, such as sendmail or grep.
If a Web server or browser crashes on a Unix system, it can leave a core file, which contains debugging information for programmers. On the ser
ver end, the best way to control this is to restrict access to the server machine to trusted individuals only. For Web clients, be sure to remove any core files when your browser crashes. Anywhere that sensitive information is stored or transmitted can be a potential hazard.
You must be careful to ensure that no sensitive data passes across the network in the clear. Th
is includes passwords sent via protocols other than HTTP, such as telnet or rlogin. A solution for shell access for Unix users, a kin telnet, is SSH, the Secure Shell. Information on the Secure Shell can be found at www.cs.hut.fi/ssh. It establishes a secure interactive session across the network, and can be used for remote administration of your Web server.
Authentication, Integrity and Privacy
You've added access control, users and groups to your Web server, but have not yet prevented outsiders from intercepting the data in transit. If your browser is located elsewhere on the Internet, someone between the browser and server can watch the information going across the wire, capturing passwords, user and group names and any other information you pass among the machines. Later, the interceptor can use this information to pretend to be whomever he or she learned about. He or she also could intercept transmissions midstream, make modifications and send them on to the destination undetected.
To p
revent this sort of network sniffing attack, you could introduce secure protocols that use encryption. With encryption, the interceptor will be unable to decipher data you're passing.
Security protocols work on different network layers and use different encryption algorithms, but share several concepts. The client and server communicate in such a manner that someone watching the communication on the network is unable to decipher what the client and server are saying to each other. Authentication, using certificates, makes sure the data hasn't been altered or forged.
During a secure transmission, the client and server use information, called keys, known only to them to encrypt the data. Depending on the configuration, the client and server can use a shared key to transmit data, a public-private key pair or a combination of the two.
Data encrypted with a public key can be decrypted only with the corresponding private key, and vice versa. If Alice wants to send Bob a secret message, Alice can use Bob'
s public key to encrypt the message and then send it to him. Bob can use his private key to decrypt the message, and since Bob is the only person who knows his private key, he can be assured that no one else reads the message. Only the private key can decrypt the data that was encrypted using the public key.
Shared-key algorithms are faster, but it's difficult to ensure that the keys will be exchanged without interception from a rogue party. So public-private key encryption is used to exchange a shared key. From that point on, the shared key is used to encrypt.
|
REPORTS
ANALYTICS
Follow 
