Home / Networking / Beginners

Web Based Services Security

Web-based services and e-mail rank highly when identifying possible threats, risks, and exploitation.

The problems associated with Web-based exploitation can affect a wide array of users, including end users surfing Web sites, using Instant Messaging (IM), and shopping online. End users can also have many problems with their Web browsers.This tutorial covers many of these issues, including:

  • How to recognize possible vulnerabilities
  • How to securely surf the Web
  • How to shop and conduct financial transactions online safely

This tutorial looks at File Transfer Protocol (FTP)-based services. FTP has long been a standard to transfer files across the Internet, using either a Web browser or an FTP client. Because of the highly exploitable nature of FTP, this tutorial looks at why it is insecure, how it can be exploited, and how to secure it.We will also look at a number of other methods for transferring files, such as Secure FTP (S/FTP) and H SCP. While FTP remains a common method of transferring files on the Internet, SCP has superseded it as a preferred method among security professionals for transferring files securely.

The last section deals with Lightweight Directory Access Protocol (LDAP), its inherent security vulnerabilities, and how it can be secured. In this section we address many of the issues with LDAP, and look at how it is used in Active Directory, eDirectory, and other directory services. By exploring these issues, you will have a good understanding of the services and Internet technologies that are utilized in network environments.

In this tutorial:

  1. Web Security
  2. Managing Access Control
  3. Handling Directory and Data Structures
  4. Eliminating Scripting Vulnerabilities
  5. Logging Activity
  6. Finding Rogue Web Servers
  7. Stopping Browser Exploits
  8. Web Spoofing
  9. Web Server Exploits
  10. SSL and HTTP/S
  11. HTTP/S
  12. Instant Messaging
  13. Text Messaging and Short Message Service (SMS)
  14. Web-based Vulnerabilities
  15. ActiveX
  16. Dangers Associated with Using ActiveX
  17. Protection at the Network Level
  18. JavaScript
  19. Programming Secure Scripts
  20. Understanding Code Signing
  21. Buffer Overflows
  22. Making Browsers and E-mail Clients More Secure
  23. Securing Web Browser Software
  24. CGI
  25. Resulting from Weak CGI Scripts
  26. FTP Security
  27. Secure Copy
  28. FTP Sharing and Vulnerabilities
  29. Directory Services and LDAP Security
  30. LDAP
  31. Securing LDAP