I am looking for assistance dealing with hacking web servers. I administer a web server and our on-site security expert showed me a list of items he was able to gain access to on my server. However, he would not tell me what tool he used to hack into my server.
My concern is this, if he can hack into the server so can anyone else - is there a list of do's and don'ts for web server security.
I am running a domino server configuration with Sametime running on top of it. I am also fairly new at web servers and am learning that there is more to securing databases than ACL's. If anyone can assist with specific information or publications (i.e. ebooks preferred!) I am willing to consider upping the point value.
Thanks in advance.