Byte Size Show


  • 8/8/2019 Byte Size Show


    Presentation Outline
    • Objectives
    • Definition of terms
    • Common web security issues
    • Prevention
    • Conclusion
    • References


    Objectives
    • To define some web terminologies
    • To state common security issues and problems on the web
    • To give some preventive measures and tips to lessen or avoid common security risks


    Definition of terms
    • World Wide Web
      Abbreviated as www and commonly known as the Web, is a system of interlinked hypertext documents accessed via the Internet.
    • Web Security
      Involves protecting that information by preventing, detecting, and responding to attacks.


    Definitions of terms
    • Internet
      An electronic communications network that connects computer networks and organizational computer facilities around the world.
    • Hacker, attacker, or intruder
      These terms are applied to the people who seek to exploit weaknesses in software and computer systems for their own gain.


    Definitions of terms
    • Malware
      Short for "malicious software," malware refers to software programs designed to damage or do other unwanted actions on a computer system. In Spanish, "mal" is a prefix that means "bad," making the term "badware."
    • Server
      A computer, or a software package, that provides a specific kind of service to client software running on other computers.


    Common Security Issues on the Web
    Server security threats

    Unintentional actors
    An administrator who forgets to disable the user accounts of a former employee. This is a good example of a local threat.

    Intentional actors
    It can be an attacker who wants to access information on a server remotely, for example an attacker in another geographical area.


    Common Security Issues on the Web
    • SQL injection
      A code injection technique that exploits a security vulnerability occurring in the database layer of an application.

    The following line of code illustrates this vulnerability:

        SELECT * FROM users WHERE username = 'USRTEXT' AND password = 'PASSTEXT'

    So entering ' OR 1=1 as your username could result in the following actually being run:

        SELECT * FROM users WHERE username = '' OR 1=1 ' AND password = ''
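
    Added example, not part of the original slides: the slide's concatenated query beside a parameterized version, run against an in-memory SQLite database. The table contents, the function names and the user with an apostrophe in the name are constructed for illustration; plaintext passwords appear only to mirror the slide's query.

```python
import sqlite3

def make_db():
    """In-memory database with constructed sample users."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, password TEXT)")
    # Plaintext passwords only to mirror the slide's query; hash them in practice.
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", "s3cret"), ("o'brien", "hunter2")])
    return db

def concatenated_query(username, password):
    """Vulnerable pattern from the slide: input is pasted into the SQL text."""
    return ("SELECT * FROM users WHERE username = '" + username +
            "' AND password = '" + password + "'")

def login_concatenated(db, username, password):
    """True/False for a normal lookup, 'sql-error' if input broke the statement."""
    try:
        row = db.execute(concatenated_query(username, password)).fetchone()
        return row is not None
    except sqlite3.Error:
        return "sql-error"

def login_parameterized(db, username, password):
    """Hardened form: placeholders keep input as data, never as SQL syntax."""
    row = db.execute(
        "SELECT 1 FROM users WHERE username = ? AND password = ?",
        (username, password)).fetchone()
    return row is not None

if __name__ == "__main__":
    db = make_db()
    slide_input = "' OR 1=1"   # the username from the slide
    print(concatenated_query(slide_input, ""))
    for user, pw in [("alice", "s3cret"), (slide_input, ""), ("o'brien", "hunter2")]:
        print(repr(user), login_concatenated(db, user, pw),
              login_parameterized(db, user, pw))
```

    With SQLite, the slide's input makes the concatenated statement fail to parse rather than return rows, and so does a legitimate name containing an apostrophe. Either outcome shows user input being interpreted as SQL, which the placeholder version rules out.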


    Common Security Issues on the Web
    Home users security issues

    Viruses and Worms
    Well known by anyone who's used email in the last five years, these often carry or fetch other programs that can unleash attacks.

    Denial-of-Service Attacks
    Where attackers barrage the network with so much data that they ultimately render your computer unusable and in need of a reboot, or else open doors for full access into your computer.

    Trojan Horses
    Programs pretending to be innocuous when in reality they invite intruders inside and give full access to your computer.


    Common Security Issues on the Web
    Home users security issues

    Session Hijacking
    The fancy name for using mail servers or programs as vehicles for sending out viruses and other malware.

    Bugs and Holes
    The human errors in nearly every piece of software ever written, which allow for easy access to those in the know.

    Spyware
    Often synonymous with application backdoors, these are programs or features in programs allowing for information flow in and out of networks without the user's knowledge, often utilized by dubious corporations as a means of profiling user data.


    Prevention
    Home User threat preventions

    Install Anti-Virus Software.
    Ensure that reputable anti-virus software is installed on all computers.

    Ensure that the anti-virus software is up to date.
    Every day new computer viruses are being released, and it is essential that the business is protected from these viruses by keeping the anti-virus software up to date.

    Employ a firewall to protect networks.
    As computer viruses can spread by means other than email, it is important that unwanted traffic is blocked from entering the network by using a firewall.


    Prevention
    Server security tips
    • keep software patched and up to date
    • disable unused services
    • enable and audit system logs for suspicious activity and errors on a regular basis
    • configure a firewall, block IPs that attack for a finite period of time (like a month)
    • use complex passwords and change them every 90 days
    • run scheduled anti-virus (on Windows) and rkhunter (on Linux) checks


    Prevention
    Server security tips
    • make backups of your data (user directory, database, system config files, website document root, application data) and do not store backup archives on the server
    • only install applications that are well known and trusted ** this applies to PHP and other CGI scripts in particular **
    • monitor Technical Cyber Security Alerts for new security issues that might affect software you are running
    • apply these best practices to workstations used to log into the server and/or develop applications for the server


    Conclusion

    It seems that everything relies on computers and the internet now: communication (email, cellphones), entertainment (digital cable, mp3s), transportation, shopping (online stores, credit cards), medicine (equipment, medical records), and the list goes on. But we must always be aware that along with this amazing technology come high security risks.

    Among these dangers are viruses erasing your entire system, someone breaking into your system and altering files, someone using your computer to attack others, or someone stealing your credit card information and making unauthorized purchases.

    There is no 100% guarantee that all safety precautions will work. All we can do is to have enough knowledge of some preventive measures to minimize the risks.


    The Byte Size
    Dela Cruz Felipe Jr. Balidoso
    Meribeles Jason Roy Rambutan
    Santos Erol Panda
    Santos Virgilio Jr. Matanda
    Serrano Jefferson Gunggong


    References
    • http://www.dedicatedserverhosting.com/2010/04/08/top-10-dedicated-server-security-tips/
    • http://www.us-cert.gov/cas/tips/index.html
    • http://www.watsonhall.com/resources/downloads/top10-website-security-issues.pdf
    • http://en.wikipedia.org/wiki/World_Wide_Web
    • http://www.techterms.com/definition/malware