An organization can adopt the following policy to protect itself against web server attacks.
- Patch management this involves installing patches to help secure the server. A patch is an update that fixes a bug in the software. The patches can be applied to the operating system and the web server system.
- Secure installation and configuration of the operating system
- Secure installation and configuration of the web server software
- Vulnerability scanning system - these include tools such as Snort, NMap, Scanner Access Now Easy (SANE)
- Firewalls can be used to stop simple DoS attacks by blocking all traffic coming the identify source IP addresses of the attacker.
- Antivirus software can be used to remove malicious software on the server
- Disabling Remote Administration
- Default accounts and unused accounts must be removed from the system
- Default ports & settings (like FTP at port 21) should be changed to custom port & settings (FTP port at 5069)
❤ Share and Support ❤
0 Comments