Web servers are the backbone of the internet and provide the core services and functionalities of the billions of websites around the world and, as a result, act as a repository for the personal data of everyone who visits them. Ensuring that servers are secure from outside attack is a prime concern for any organization who use rely on them.
In the last few years attacks against web servers have increased substantially and it is immaterial where in the world you base a web server: malicious code respects no boundaries. The threat is not only transnational, but now comes from organized criminal gangs looking to harvest passwords, financial details and other information, rather than teenage hackers looking to cause mischief. In most cases an attack occurs unobtrusively, with servers and websites corrupted with malware designed to infect as many users as possible.
This paper discusses common ways web servers are attacked and the various ways they can be protected.
Author
Chris Mitchell,Sophos Labs.
In the last few years attacks against web servers have increased substantially and it is immaterial where in the world you base a web server: malicious code respects no boundaries. The threat is not only transnational, but now comes from organized criminal gangs looking to harvest passwords, financial details and other information, rather than teenage hackers looking to cause mischief. In most cases an attack occurs unobtrusively, with servers and websites corrupted with malware designed to infect as many users as possible.
This paper discusses common ways web servers are attacked and the various ways they can be protected.
Download "Securing websites" [PDF]
Author
Chris Mitchell,Sophos Labs.
