Solved

Enhancing The Security of the Web Applications

Posted on 2004-04-24
5
361 Views
Last Modified: 2013-11-15
Hello, I am a (Web Application Developer) and I am asking about how to find a best guide or model that covering all security points from beging of developing till publishing. Please help me to enhance my web application secuirty by using standard way.
0
Comment
Question by:Rami_Science
  • 2
  • 2
5 Comments
 
LVL 5

Expert Comment

by:Droby10
ID: 10909286
there are a number of generic and detail-focused checklists/guides here: http://www.owasp.org/.

0
 
LVL 7

Expert Comment

by:shahrial
ID: 10917246
What kind of web development platform are you using? For specifics, please input more details...else see Droby10 comment.
 
0
 

Author Comment

by:Rami_Science
ID: 10926628
hi, Droby10 the OWASP site is so nice, but I'm just beginner in the security issues so I will take some time to check it out before accepting your answer.
0
 

Author Comment

by:Rami_Science
ID: 10926734
    hello, shahrial. Till now I'am using windows as system platform and ASP + VBScript + JavaScript as languages. I think realy I'am searching about references that give me a complete vision  about  making my web applications safe for my customers in intrnet/intranet networks.
Here some issues tell me what do you think and take me to the right track.

     * The confidentiality of the submitted information like (member's information, private numbers, credit cards, electronic checks and e-mails).
     * Some Issues below:
1.  Server-Side Script.
2.  Client-Side Script.
3.   DBMS.
4.   Web Server Software.
5.   Server Operating System.
6.   Administrator's, Author's, User's and Guest's Permissions.
7.   Browsers.
8.   Host issue.
9.   Using security software.
10. Passwords Protection.
11. The Web Policy.
12. Credit card proxy Systems.
13. SSL.
14. Server Side include file problem.
15. Distributed Denial of Services (DDoS) Attack.
16. Security Layers.
 
0
 
LVL 7

Accepted Solution

by:
shahrial earned 500 total points
ID: 10934502
1.  Server-Side Script. > http://www.w3.org/Security/Faq/wwwsf3.html
2.  Client-Side Script. > http://www.codeproject.com/aspnet/scriptgen.asp?msg=802619
3.   DBMS. > http://searchdatabase.techtarget.com/featuredTopic/0,290042,sid13_gci863539,00.html
4.   Web Server Software. > http://www.w3.org/Servers.html
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/webapp/iis/default.mspx
5.   Server Operating System. > http://www.microsoft.com/technet/prodtechnol/windowsserver2003/default.mspx
6.   Administrator's, Author's, User's and Guest's Permissions. ... these are OS specifics...see Server OS.
7.   Browsers. > http://www.theguardianangel.com/tutorials/browser_security_tutorials_summary.htm
8.   Host issue. ???
9.   Using security software. > http://www.alw.nih.gov/Security/prog-full.html
10. Passwords Protection. > http://www.nipc.gov/publications/nipcpub/password.htm
http://www.cert.org/tech_tips/passwd_file_protection.html
11. The Web Policy. > http://www.defenselink.mil/webmasters/
12. Credit card proxy Systems. > http://www.devshed.com/c/a/Administration/ScriptBased-Credit-Card-Interfaces/
13. SSL. > http://developer.netscape.com/tech/security/ssl/howitworks.html
14. Server Side include file problem. > http://www.freewebmasterhelp.com/tutorials/ssi
15. Distributed Denial of Services (DDoS) Attack. > http://www.denialinfo.com/
16. Security Layers. > http://www.findarticles.com/cf_dls/m0FOX/n15_v3/21168397/p1/article.jhtml

There are many sites and books to learn from the above topics...
Hope this helps...;-)

0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The new Gmail Phishing Scam going around is surprising even the savviest of users with its sophisticated techniques.
With healthcare moving into the digital age with things like Healthcare.gov, the digitization of patient records and video conferencing with patients, data has a much greater chance of being exposed than ever before.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
With the power of JIRA, there's an unlimited number of ways you can customize it, use it and benefit from it. With that in mind, there's bound to be things that I wasn't able to cover in this course. With this summary we'll look at some places to go…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now