Main Nav

 

I am curious what products some of you might be using to protect your web server(s) directly from vulnerability attacks such as php, perl, sql, etc.    Are you using an appliance? Proxy? Filter system? Added software protection?   Thanks!

 

 

Tim Tyler

Network Engineer

Beloit College

 

********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

Comments

Message from ahockett@warnerpacific.edu

Tim ~

 

What platform or OS are you asking about?  Windows protection is a different beast from *Nix protection.  For my *Nix servers I harden the OS plus the AMP stack w/ Shorewall (iptables) + I run OSSEC for HIDS.  Lastly, we only allow port 80/443 to go to and from our web servers w/ logging on our Juniper firewall.

 

-Aaron

 

 

mysteries made known

Aaron Hockett
Network Systems and Securities Manager 

Warner Pacific College
2219 SE 68th Ave.
Portland, OR 97215
 

ahockett@warnerpacific.edu
www.warnerpacific.edu 

tel:
fax:

503-517-1203

503-517-1352

 

This message is intended for the sole use of the individual to whom it is addressed. It may contain information that is privileged, confidential or exempt from disclosure under applicable laws. If you are not the intended addressee you are hereby notified that you may not use, copy, disclose, or distribute to anyone this message or any information contained within this message. If you have received this message in error, please immediately advise the sender by replying to this email and delete this message.

 

 

 

The best protection is to have administrators who have an in depth understanding of all the different software components, OS’s, file and database permissions and networking involved and who understand good security practices such as controlling user input, disabling services not needed, staying up on advisories, patching and change control etc.

Maybe I’m stating the obvious to this group, but while there are definitely additional measures that can be taken, this is the most important and often overlooked.

Pete M.

 

Aaron, others,

We are running Redhat with Apache.  I believe that the current exploits we are observing are coming in against php holes of which some is 3rd part content.   

Tim

 

Yes, I couldn’t more agree. When we write our own code, we are very serious about restricting user input,  keeping it to a minimum, and thinking about all privileges.  But in a distributed working environment of a web server, a lot of content gets put up that isn’t always well checked.   Even the web manager can’t over-see all content.  Some of the content is 3rd party while some are forms developed by other departments.   It is hard to stay on top of content when it is not centralized.  Maybe what we are looking for is something that might aid us in vulnerability checking to do frequent sweeps for potential holes that web publishers might put up from time to time.   

 

Tim

 

Message from msheiny@seas.upenn.edu

SELinux anyone? I briefly played around with it for a past web-server I used to run and it seemed like an impressive defense mechanism against most web exploits. Felt like a burden to up-keep though (have to keep relabeling the context and recognize when it causes permissions issues). -Mike ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

I spent a small amount of time looking at Vega for scanning web pages for vulnerabilities on our hosted sites.  It looked promising but I haven’t put the time into it yet to verify

 

http://www.darknet.org.uk/2011/07/vega-open-source-cross-platform-web-application-security-assessment-platform/

 

 

 

Recommend

Close
Close


Annual Conference
September 29–October 2
View Proceedings

Events for all Levels and Interests

Whether you're looking for a conference to attend face-to-face to connect with peers, or for an online event for team professional development, see what's upcoming.

Close

Digital Badges
Member recognition effort
Earn yours >

Career Center


Leadership and Management Programs

EDUCAUSE Institute
Project Management

 

 

Jump Start Your Career Growth

Explore EDUCAUSE professional development opportunities that match your career aspirations and desired level of time investment through our interactive online guide.

 

Close
EDUCAUSE organizes its efforts around three IT Focus Areas

 

 

Join These Programs If Your Focus Is

Close

Get on the Higher Ed IT Map

Employees of EDUCAUSE member institutions and organizations are invited to create individual profiles.
 

 

Close

2014 Strategic Priorities

  • Building the Profession
  • IT as a Game Changer
  • Foundations


Learn More >

Uncommon Thinking for the Common Good™

EDUCAUSE is the foremost community of higher education IT leaders and professionals.