CHAPTER 5
Mitigating Website Risks, Threats, and Vulnerabilities

PERIMETER NETWORK SOLUTIONS—firewalls, intrusion detection systems (IDSs), intrusion prevention systems (IPSs), and demilitarized zones (DMZs)—are all needed for network security, but they manage only part of the risk. Today’s networks require much more than perimeter security. Internal services such as email, File Transfer Protocol (FTP), Hypertext Transfer Protocol (HTTP), and Telnet operate 24/7 and are a security battleground. These protocols and web applications form the basis of the modern business economy, and that makes them a target for hackers.

In some respects, managing web application security is more difficult than managing other, more traditional network areas. Among the many facets of web application security are controlling visitors, securing site feedback mechanisms, and plugging code-related security holes. Today’s network administration requires a complete security strategy encompassing all aspects of internal and external security. This chapter explores some of the threats associated with web security.
