Hot Downloads

×

Notice

The forum is in read only mode.
Welcome, Guest
Username: Password: Remember me
  • Page:
  • 1

TOPIC: website Security

website Security 12 years 2 months ago #16985

  • Ranger24
  • Ranger24's Avatar Topic Author
  • Offline
  • Distinguished Member
  • Distinguished Member
  • Posts: 145
  • Thank you received: 0
Hi Guys,

My fathers company are havin a new website built and I'd like to be able to check it over for security issues when it is eventually finished (it'll take approx 6 months to complete. My old man is a bit indecisive!)

In the meantime I'd like to learn about website security, attacks, preventions etc. Can you point me in the correct direction, and to the kind of tools I will need?

Cheers,

R

Patience - the last reserve of the any engineer

Re: website Security 12 years 2 months ago #16992

  • DaLight
  • DaLight's Avatar
  • Offline
  • Honored Member
  • Honored Member
  • Posts: 1302
  • Karma: 1
  • Thank you received: 0
I will just drop some pointers which are by no means exhaustive.

1. Will the website be hosted internally by your father's company or on external servers? If on external servers, are they dedicated to your father's company, or shared with other companies?

The answers to the above questions will determine who is responsible for firewalling and gateway security arrangements as well as whether you will be able to obtain permission to carry out any required penetration tests.

2. The application stack i.e. Windows/IIS/ASP/SQL Server, Linux/Apache/My Sql/PHP, etc as this will determine what types of tests, vulnerabilies to look for.

3. Useful tools are:
Nikto : an Open Source (GPL) web server scanner
Nessus
Nmap

Also check out this book which I recently reviewed on Apache security, and this one which was reviewed by The Bishop.

Re: website Security 12 years 2 months ago #16999

I was just about to recommend that book but you beat me to it. It would be an excellent investment for exactly this scenario. Check out the Firewall.cx book reviews section for the review
  • Page:
  • 1
Time to create page: 0.132 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup