Cybercriminals understand that your website is not only the face of your organization, but often also its weakest link. With just one misconfigured port, malicious spearphishing email or unpatched vulnerability, an attacker can deploy a range of techniques and tools to enter a network and then move through it undetected to find a valuable target. Once found, data can be exfiltrated, modified, deleted or all of the above, depending on the attacker's motive, all while the attacker's movements blend in with legitimate network traffic.
All of this is enabled through web servers, which makes these devices vital not only to communication but also to your organization’s security posture. However, because web servers by their very nature sit near the edge of your network, they are designed to be accessed and pinged, and they share at least basic information about your organization with anyone in the outside world.
To continue the Infosec Skills series on web server protection, this article focuses on the infrastructure components that can be deployed to keep attackers at bay, monitor for malicious activity, log session activity or even stop cybercriminals in their tracks. While our review is by no means comprehensive, we will look at some of the most commonly used tools that contribute to web server hardening.
The infrastructure components of web server protection
A firewall is a device configured to protect and isolate an organization’s internal network from external traffic, allowing only specific connections to pass through well-monitored ports according to pre-defined rules. Firewalls can be implemented in either software or hardware form and can control both inbound and outbound traffic flow based on specified criteria, such as IP addresses, time ranges or the type or destination of a network request.
In a sense, a firewall is often considered the first line of an organization’s cyber defenses.
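To make the rule criteria described above concrete, here is an added example (not from the original article or any firewall product) of a first-match, default-deny rule evaluator that filters on direction, remote IP range, destination port and time range. The Rule class, the decide function and the ruleset are hypothetical, and all addresses are constructed from documentation ranges.

```python
from dataclasses import dataclass
from datetime import time
from ipaddress import ip_address, ip_network
from typing import Optional, Tuple


@dataclass(frozen=True)
class Rule:
    action: str                 # "allow" or "deny"
    direction: str              # "in" (to the server) or "out" (from it)
    remote: str                 # CIDR of the remote peer
    port: Optional[int] = None  # destination port; None matches any port
    hours: Optional[Tuple[time, time]] = None  # [start, end); None = always


# Constructed ruleset for a public web server (hypothetical values).
RULES = [
    Rule("deny", "in", "198.51.100.0/24"),            # blocked source range
    Rule("allow", "in", "0.0.0.0/0", port=443),       # public HTTPS
    Rule("allow", "in", "203.0.113.0/28", port=22,    # admin SSH, office hours
         hours=(time(8, 0), time(18, 0))),
    Rule("allow", "out", "192.0.2.53/32", port=53),   # DNS to one resolver
]


def decide(direction, remote_ip, port, at, rules=RULES):
    """Return the action of the first rule that matches; deny by default."""
    addr = ip_address(remote_ip)
    for rule in rules:
        if rule.direction != direction:
            continue
        if addr not in ip_network(rule.remote):
            continue
        if rule.port is not None and rule.port != port:
            continue
        if rule.hours is not None and not rule.hours[0] <= at < rule.hours[1]:
            continue
        return rule.action
    return "deny"  # nothing matched: the connection is not allowed


if __name__ == "__main__":
    noon, night = time(12, 0), time(23, 0)
    print(decide("in", "192.0.2.10", 443, noon))    # public HTTPS request
    print(decide("in", "203.0.113.5", 22, night))   # admin SSH after hours
    print(decide("out", "192.0.2.99", 443, noon))   # unexpected outbound
```

Rule order matters here: the blocked range is listed before the public HTTPS rule, so a source in that range is refused even on port 443.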
*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Patrick Mallory. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/8Vvow-D4h2Q/