 Freeware
Security Web Tools
Gary Bahadur
In today's e-commerce-enabled environment, a company's
Web site is of paramount importance. Web sites are subject to daily
attacks. Everything from defacement to denial of service attacks
are launched against small "DotComs" and large multi-national
corporations. The purpose of this article is to look at some freeware
Linux tools the security-conscious administrator can use in the
war against cyber attacks.
There are numerous freeware tools available for all four phases
of securing a Web server. However, in the commercial arena, there
are not many tools available. You probably already know some of
the commercial tools such as Cybercop (www.nai.com), ISS
(www.iss.net), and Retina (www.eeye.com).
There are three facets to securing a Web server. The first is
the network on which it resides; the second is the operating system
on which it is running; and the third is the applications running
on the Web server. In this article, I will discuss in detail some
tools that you can use to increase your security posture. These
tools deal mainly with the version of the Web server running. For
a detailed analysis of network and application security, please
see "Securing Your Web Server", Sys Admin magazine,
June 1999.
|
