Home arrow Security arrow Page 2 - Lock Down Your Website

Popular Cyber Attacks - Security

With all the benefits of e-commerce there are dangers such as identity theft for consumers and cyber attacks on websites. Site owners need take preventative measures. Wellman presents some security procedures and scripts for PHP driven sites.

  1. Lock Down Your Website
  2. Popular Cyber Attacks
  3. Preventative Measures
  4. One Way Hash
By: Dan Wellman
Rating: starstarstarstarstar / 75
June 01, 2004

print this article



One of the commonest forms of locating vulnerabilities is port-scanning; this is a process in which hackers send packets of information to server ports to see which ones are open and therefore available to exploit. 

Once a potential target has been found, there are a multitude of cyber crimes open to the hacker, some of the more popular attacks are:

Directory Browsing - The ability to retrieve complete directory listings within directories on the web server. Usually occurs as a result of sloppy server configuration.

Reverse Proxying  - Gaining access to back-end application servers by proxying HTTP requests from the external Internet to internal networks via front-end severs. Again, can result from sloppy proxy server configuration.

Source Code Disclosure - This is the ability to retrieve the source code from application files or the application itself in order to find further loopholes or information such as usernames and passwords.  Once again this can be traced to poor server configuration or poor application design.

Session Hijacking -  Many forms use 'hidden' fields to store session data, once this data has been acquired by the hacker, users data can be obtained. Session hijacking occurs when there are little or no preventative measures such as server side session id tracking or cryptographic session id creation.

As you can see from the examples above, many hack attacks are caused simply by misconfiguring your web server or web applications.  So what preventative measures can you take? Obviously, no site is 100% safe; given enough time and the right software, any site can be penetrated. Realistically though, there are many ways security can be implemented in order to drastically reduce the risks.

>>> More Security Articles          >>> More By Dan Wellman

blog comments powered by Disqus
escort Bursa Bursa escort Antalya eskort


- Secure Your Business for Data Privacy Day
- Google Testing Security Fob Password Alterna...
- Security News Highlights Concerns
- Going to Extremes for Data Security
- Skipfish Website Vulnerability Scanner
- Critical Microsoft Visual Studio Security Pa...
- US Faces Tech Security Expert Deficit
- LAN Reconnaissance
- An Epilogue to Cryptography
- A Sequel to Cryptography
- An Introduction to Cryptography
- Security Overview
- Network Security Assessment
- Firewalls
- What’s behind the curtain? Part II

Developer Shed Affiliates


Dev Shed Tutorial Topics: