First page Back Continue Last page Overview Graphics

Application Vulnerabilities


Notes:

The best tactic is NOT to run a service, if you don't need it.

If you're not running a web server, you're automatically invulnerable to the hundreds of attacks that float around the Internet and take advantage of web server vulnerabilities.

If you have to provide a service (e.g. your company's web server), make sure that it only supports the necessary sets of plugins/extentions. This will minimize exposure to remote threats. Also, make sure that you follow some security-related mailing list (like BUGTRAQ) to be notified when a new security vulnerability that affects your servers is publicized.