Oracle B12255-01 User Manual

Frequently Asked Questions
Protecting a Web Site From Hackers
There are many attacks, and new attacks are invented every day. The following are
some general guidelines for securing your site. You can never be completely secure,
but you can avoid being an easy target.
Use a commercial firewall between your ISP and your Web server. Recognize,
however, that not all hackers are outside your organization.
Use switched Ethernet to limit the amount of traffic a compromised server can
sniff. Place additional firewalls between Web server machines and highly
sensitive internal servers running database and enterprise applications, so that
a compromised Web server cannot reach them directly.
Remove unnecessary network services, such as RPC, finger, and telnet, from your
server machine; every listening service is another way in.
Carefully validate all input from Web forms, preferably by rejecting anything that
does not match the format the field is expected to have. Be especially wary of
long input strings and of input that contains non-printable characters, HTML
tags, or script tags.
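The following is an added example, not code from the Oracle manual, showing the kind of form validation the guideline above describes. It applies the three checks the text names (length, non-printable characters, HTML or script tags) and adds a positive allow-list check per field. The schema, field names, limits and sample submissions are constructed for the example.

```python
import re
import unicodedata

MAX_FIELD_LEN = 256  # assumed default per-field limit for this example

# Anything shaped like an HTML or script tag: <b>, </b>, <script src=...>, <img onerror=...>
TAG_RE = re.compile(r"<\s*/?\s*[A-Za-z!?][^>]*>")


def field_errors(name, value, max_len=MAX_FIELD_LEN, allowed=None, multiline=False):
    """Return the list of reasons `value` is rejected for form field `name`.

    An empty list means the value passed every check.  All checks run so the
    caller can log every reason, not just the first one.
    """
    if not isinstance(value, str):
        return [f"{name}: expected a string, got {type(value).__name__}"]
    errors = []

    # 1. Length: unbounded input is what feeds buffer overflows and resource exhaustion.
    if len(value) > max_len:
        errors.append(f"{name}: {len(value)} characters exceeds limit of {max_len}")

    # 2. Non-printable characters: NUL bytes, control and format characters
    #    (Unicode general category C*).  Tab and newline are tolerated only in
    #    multi-line fields such as a textarea.
    ok_whitespace = "\t\r\n" if multiline else ""
    bad = sorted({c for c in value
                  if unicodedata.category(c).startswith("C") and c not in ok_whitespace})
    if bad:
        errors.append(f"{name}: non-printable characters {[hex(ord(c)) for c in bad]}")

    # 3. Markup: reject anything that looks like an HTML or script tag outright.
    #    A bare '<' in "2 < 3" is not a tag and is left alone.
    m = TAG_RE.search(value)
    if m:
        errors.append(f"{name}: contains tag {m.group(0)!r}")

    # 4. Positive validation: when the field has a known shape, an allow-list
    #    regex is the strongest check; it catches what no blocklist anticipated.
    if allowed is not None and not allowed.fullmatch(value):
        errors.append(f"{name}: does not match expected format /{allowed.pattern}/")
    return errors


# Constructed schema for a sample form: name -> (max length, allow-list regex, multiline)
SCHEMA = {
    "username": (32, re.compile(r"[A-Za-z0-9_.-]{3,32}"), False),
    "email": (254, re.compile(r"[^@\s]+@[^@\s]+\.[A-Za-z]{2,}"), False),
    "comment": (2000, None, True),
}


def validate_form(form, schema=SCHEMA):
    """Validate every submitted field against the schema.

    Returns {field: [reasons]}; an empty dict means the submission is acceptable.
    Unknown fields are rejected too, since a client adding parameters the form
    never had is a classic probe.
    """
    problems = {}
    for name, value in form.items():
        if name not in schema:
            problems[name] = ["unexpected field"]
            continue
        max_len, allowed, multiline = schema[name]
        errs = field_errors(name, value, max_len, allowed, multiline)
        if errs:
            problems[name] = errs
    for name in schema:
        if name not in form:
            problems[name] = ["missing field"]
    return problems


if __name__ == "__main__":
    good = {"username": "alice_01", "email": "alice@example.com", "comment": "Hello,\nworld."}
    bad = {"username": "<script>alert(1)</script>", "email": "a@b.co\x00",
           "comment": "x" * 3000, "debug": "1"}
    print("good form:", validate_form(good))
    for field, reasons in validate_form(bad).items():
        print(f"{field}: {'; '.join(reasons)}")
```

Rejected input should be refused, not "cleaned up" and passed on: stripping a tag and forwarding the remainder gives the attacker a second attempt with whatever the stripper missed.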
Encrypt or randomize the contents of cookies that contain sensitive information,
and better still keep the sensitive data on the server and put only a session
identifier in the cookie. A session identifier must be generated from a
cryptographically secure random source so that it cannot be guessed or
enumerated; an attacker who can predict a valid session identifier can hijack
that session.
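The following is an added example, not code from the Oracle manual, to show what "difficult to guess" means in practice. It contrasts a constructed weak session ID scheme (clock plus counter, hashed) with one drawn from the operating system's random source, shows how quickly the weak one is recovered, and keeps the sensitive data server-side behind an HMAC-signed cookie. The server key, session store and user names are assumptions for the example.

```python
import hashlib
import hmac
import math
import os
import secrets
import time

# Assumed: a per-server HMAC key generated at startup. In production it is loaded
# from protected configuration so that every front end shares it.
SERVER_KEY = os.urandom(32)

# Server-side session store: the cookie carries only a random ID, never the data.
SESSIONS = {}


def weak_session_id(counter, now=None):
    """Anti-pattern (constructed for illustration): an ID derived from the clock and a
    request counter.  Hashing does not help; the inputs themselves are guessable."""
    now = int(time.time()) if now is None else now
    return hashlib.md5(f"{now}-{counter}".encode()).hexdigest()


def guess_weak_session(target, approx_time, counter_bound, window=5):
    """Attacker's view of weak_session_id: replay the generator over a small time
    window and counter range until the observed ID is reproduced."""
    for t in range(approx_time - window, approx_time + window + 1):
        for c in range(counter_bound):
            if hashlib.md5(f"{t}-{c}".encode()).hexdigest() == target:
                return t, c
    return None


def guess_space_bits(window=5, counter_bound=100):
    """Effective entropy of the weak scheme: log2 of the number of candidates."""
    return math.log2((2 * window + 1) * counter_bound)


def new_session_id(nbytes=32):
    """A session ID needs exactly one property: unpredictability.  256 bits from
    the OS CSPRNG cannot be enumerated the way the weak scheme above can."""
    return secrets.token_urlsafe(nbytes)


def make_cookie(session_id, key=SERVER_KEY):
    """Append an HMAC so a tampered or fabricated ID is rejected before any lookup."""
    sig = hmac.new(key, session_id.encode(), hashlib.sha256).hexdigest()
    return f"{session_id}.{sig}"


def parse_cookie(cookie, key=SERVER_KEY):
    """Return the session ID if the cookie's signature verifies, otherwise None."""
    sid, sep, sig = cookie.rpartition(".")  # token_urlsafe never contains '.'
    if not sep:
        return None
    expected = hmac.new(key, sid.encode(), hashlib.sha256).hexdigest()
    try:
        if not hmac.compare_digest(expected, sig):  # constant-time comparison
            return None
    except TypeError:  # non-ASCII junk in the signature field
        return None
    return sid


def login(user):
    """Create a session for `user` and return the cookie value to set."""
    sid = new_session_id()
    SESSIONS[sid] = {"user": user, "created": time.time()}
    return make_cookie(sid)


def current_user(cookie):
    """Resolve a presented cookie to a user, or None if it is forged or unknown."""
    sid = parse_cookie(cookie)
    if sid is None:
        return None
    session = SESSIONS.get(sid)
    return session["user"] if session else None


if __name__ == "__main__":
    t0 = 1_700_000_000
    leaked = weak_session_id(42, now=t0)
    print("weak ID recovered as (time, counter):", guess_weak_session(leaked, t0 + 2, 100))
    print(f"weak scheme search space: ~{guess_space_bits():.1f} bits versus 256 for new_session_id()")
    cookie = login("alice")
    print("valid cookie ->", current_user(cookie))
    sid, sig = cookie.rsplit(".", 1)
    forged = ("A" if sid[0] != "A" else "B") + sid[1:] + "." + sig
    print("forged cookie ->", current_user(forged))
```

The signature on the cookie buys integrity, not confidentiality: anyone holding the cookie can read the ID. That is why the example stores nothing but the ID in it. If sensitive values must travel in a cookie, they need authenticated encryption in addition, which the standard library does not provide on its own.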
Check regularly for security patches for all your system and application software,
and install them as soon as possible. Be sure these patches come from bona fide
sources: download from trusted sites and verify the cryptographic checksum against
the value the vendor publishes.
Use an intrusion detection package to monitor for defaced Web pages, viruses,
and presence of “rootkits” that indicate hackers have broken in. If possible,
mount system executables and Web content on read-only file systems.
Have a "forensic analysis" package on hand to capture evidence of a break-in as
soon as it is detected. This aids in prosecution of the hackers.
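The following is an added example, not code from the Oracle manual, covering two of the guidelines above: verifying a downloaded patch against a published checksum, and the kind of integrity check an intrusion detection package performs to spot defaced Web pages and dropped files. The patch archive, manifest line, document root and its contents are all constructed for the example; `demo_verify` and `demo_defacement` exist only to exercise the functions on that constructed data.

```python
import hashlib
import hmac
import tempfile
from pathlib import Path


def sha256_file(path, chunk_size=1 << 16):
    """SHA-256 of a file, read in chunks so large archives need not fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk_size), b""):
            h.update(block)
    return h.hexdigest()


def parse_manifest(text):
    """Parse '<hex digest>  <filename>' lines (sha256sum format) into a dict."""
    digests = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        digest, name = line.split(None, 1)
        digests[name.lstrip("*")] = digest.lower()  # '*' marks binary mode in sha256sum output
    return digests


def verify_download(path, published_digest):
    """True only if the file matches the digest published by the vendor.

    The digest must come from a channel independent of the download (the vendor's
    own site over TLS, or a signed release note), otherwise it proves nothing.
    """
    return hmac.compare_digest(sha256_file(path), published_digest.strip().lower())


def snapshot(root):
    """Map every file under root (relative path) to its SHA-256."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def diff_snapshots(baseline, current):
    """Changed, added and removed paths since the baseline was taken.  On a content
    tree that is supposed to be static, anything non-empty is a finding."""
    return {
        "changed": sorted(p for p in baseline if p in current and baseline[p] != current[p]),
        "added": sorted(p for p in current if p not in baseline),
        "removed": sorted(p for p in baseline if p not in current),
    }


def demo_verify():
    """Constructed patch file checked against a good and a wrong digest."""
    with tempfile.TemporaryDirectory() as d:
        path = Path(d) / "patch.zip"
        content = b"PK\x03\x04 constructed patch archive"
        path.write_bytes(content)
        manifest = parse_manifest(f"{hashlib.sha256(content).hexdigest()}  patch.zip\n")
        return verify_download(path, manifest["patch.zip"]), verify_download(path, "0" * 64)


def demo_defacement():
    """Constructed document root: take a baseline, then simulate a defacement and a
    dropped file, and report what the next check sees."""
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "index.html").write_text("<h1>Welcome</h1>\n")
        (root / "img").mkdir()
        (root / "img" / "logo.png").write_bytes(b"\x89PNG constructed placeholder")
        baseline = snapshot(root)                       # taken while the tree is known-good
        (root / "index.html").write_text("<h1>Hacked</h1>\n")                # defaced page
        (root / "cmd.jsp").write_text("<%-- constructed placeholder --%>\n")  # dropped file
        return diff_snapshots(baseline, snapshot(root))


if __name__ == "__main__":
    print("patch digest ok / wrong:", demo_verify())
    print("defacement check:", demo_defacement())
```

The baseline is only trustworthy if it is stored where the compromised server cannot rewrite it (on another host, or on the same read-only media the guideline recommends for Web content); a baseline kept on the Web server is the first thing a rootkit adjusts.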