Web Hacking

Reporting a Security Incident

Reporting a Security Incident: Once an incident has been responded to and a team has gotten involved to assess the damage and start the cleanup, the required parties will need to be informed. These parties will be responsible for getting the ball rolling, whether it is legal action, an investigative …

Understanding Certificate Revocation

Understanding Certificate Revocation: Certificate revocation is the process of revoking a certificate before it expires. A certificate may need to be revoked because it was stolen, an employee has moved to a new company, or someone has had their access revoked. A certificate revocation is handled either through a certificate …

Certificate Policies

Certificate Policies: Certificate policies define what certificates do. A CA can potentially issue a number of different types of certificate—say, one for email, one for e-commerce, and one for financial transactions. The policy might indicate that it isn’t to be used for signing contracts or for purchasing equipment. Certificate policies …

Using a Certificate Authority

Using a Certificate Authority: A certificate authority (CA) is an organization that is responsible for issuing, revoking, and distributing certificates. A certificate is nothing more than a mechanism that associates the public key with an individual. It contains a great deal of information about the user. Each user of a …

Hardening DHCP Services

Hardening DHCP Services: Dynamic Host Configuration Protocol (DHCP) is used in many networks to automate the assignment of IP addresses to workstations. DHCP services can be provided by many different types of devices, including routers, switches, and servers. The DHCP process involves leasing a TCP/IP address to a workstation for a …

Hardening Web Servers

Hardening Web Servers: Web servers are one of the favorite areas for attackers to exploit because of the reach they have. If an attacker can gain access to a popular web server and take advantage of a weakness there, they have the opportunity to reach thousands, if not hundreds of …

Hardening DNS Servers

Hardening DNS Servers: Domain Name Service (DNS) servers resolve hostnames to IP addresses. This service allows a website name such as www.sybex.com to be resolved to an IP address such as 192.168.1.110. NOTE: A registrar manages your domain name, and most require an annual renewal fee. If these fees are …

Hardening FTP Servers

Hardening FTP Servers: File Transfer Protocol (FTP) servers are not intended for high-security applications because of their inherent weaknesses. Most FTP servers allow you to create file areas on any drive on the system. You should create a separate drive or subdirectory on the system to allow file transfers. If …

Hardening Email Servers

Hardening Email Servers: Email servers provide the communications backbone for many businesses. They typically run either as an additional service on an existing server or as dedicated systems. Putting an active virus scanner on email servers can reduce the number of viruses introduced into your network and prevent viruses from …
