|
-
December 1st, 2002, 10:37 PM
#6
The first question I have to ask, is what kind of website are you going to build? Is it a static or dyamic site.
If site is static, then it's alot easier. Only open the ports you need, keep everything patched, use strong passwords etc.
If you are developing a dyamic site, as attacks on the web site it's self go through port 80 (assumming that the web server is running on 80) which has to open for other to view your site, there are way to take control of the webserver via the web application, this will depend on what you are using. Therefor bypass all the firewall rules etc.
However you are going into a very big topic here, so it would be best if you have a look at www.owasp.org they have a very good document on securing web applications. Also have a look at www.securityfocus.com for a list of current vulnerabilities on the system you are using.
Hope this helps
SittingDuck
I\'m a SittingDuck, but the question is \"Is your web app a Sitting Duck?\"
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote