Web Based Services Security
Web-based services and e-mail rank highly when identifying possible threats, risks, and exploitation.
The problems associated with Web-based exploitation can affect a wide array of users, including end users surfing Web sites, using Instant Messaging (IM), and shopping online. End users can also have many problems with their Web browsers. This tutorial covers many of these issues, including:
- How to recognize possible vulnerabilities
- How to securely surf the Web
- How to shop and conduct financial transactions online safely
This tutorial looks at File Transfer Protocol (FTP)-based services. FTP has long been a standard to transfer files across the Internet, using either a Web browser or an FTP client. Because of the highly exploitable nature of FTP, this tutorial looks at why it is insecure, how it can be exploited, and how to secure it. We will also look at a number of other methods for transferring files, such as Secure FTP (S/FTP) and SCP. While FTP remains a common method of transferring files on the Internet, SCP has superseded it as a preferred method among security professionals for transferring files securely.
The last section deals with Lightweight Directory Access Protocol (LDAP), its inherent security vulnerabilities, and how it can be secured. In this section we address many of the issues with LDAP, and look at how it is used in Active Directory, eDirectory, and other directory services. By exploring these issues, you will have a good understanding of the services and Internet technologies that are utilized in network environments.
In this tutorial:
- Web Security
- Managing Access Control
- Handling Directory and Data Structures
- Eliminating Scripting Vulnerabilities
- Logging Activity
- Finding Rogue Web Servers
- Stopping Browser Exploits
- Web Spoofing
- Web Server Exploits
- SSL and HTTP/S
- HTTP/S
- Instant Messaging
- Text Messaging and Short Message Service (SMS)
- Web-based Vulnerabilities
- ActiveX
- Dangers Associated with Using ActiveX
- Protection at the Network Level
- JavaScript
- Programming Secure Scripts
- Understanding Code Signing
- Buffer Overflows
- Making Browsers and E-mail Clients More Secure
- Securing Web Browser Software
- CGI
- Resulting from Weak CGI Scripts
- FTP Security
- Secure Copy
- FTP Sharing and Vulnerabilities
- Directory Services and LDAP Security
- LDAP
- Securing LDAP