Oct 09

Build security into your systems part 10

Using Secure Sockets Layer (SSL) security for web publishing
The SSL protocol is a standardized method for allowing encrypted and authenticated communication between web servers and clients (web browsers). SSL encryption is only available to databases hosted on a server, and is enabled in the web server application, such as Microsoft Internet Information Server (IIS) or Apache HTTP Server by the Apache Group.
SSL encryption converts information exchanged between servers and clients into unintelligible information through the use of mathematical formulas known as ciphers. These ciphers are then used to transform the information back into understandable data through encryption keys.
For information on enabling and configuring SSL, review the documentation that accompanies your web server to make sure that your security protocols are all in place.
Being aware of wireless networks
Another security vulnerability to be aware of are wireless networking devices, also called “Wi–Fi” connections, which include:
•a station such as a laptop, or other wireless enabled device
•an access point (wireless hub or bridge) that is the point of access to the network
•the Local Area Network itself
•an authentication server, a separate device that challenges clients when they attempt network connections
Radio frequency access to a network leaves it open to packet interception by any radio within range of a transmitter. This enables intruders to connect through wireless protocols to corporate networks. These intrusions can be made far outside the customary “working” range by using hi-gain antennas. This is how so many credit card numbers have been stolen from high-end retailers, by people with these high-range devices just driving through mall car parks.

Your own server can be equally vulnerable. If your server is hosting files, an intruder could access data if the files lack sufficient user account security. An intruder who knows how a WAN controls access might be able to gain access to the network, steal a valid computer address, and use its assigned IP address.
A typical approach is to wait until the valid computer stops using the network and then take over its position in the network and gain access to all devices in the network or to the wider Internet.
Important When assessing the physical security of your network, password-protect and encrypt your wireless networking signals. Always use the maximum level of signal encryption available.

Leave a Reply