Chapter 14. Server Security
IN THIS CHAPTER
Introducing general server risks
Designing for security
Operating servers safely
Exploring server applications
In a simplistic view, network security can be grouped into three categories: the user workstation, the network devices, and the servers. The user workstation is important to secure because it potentially holds all the information to which a particular user may have access. Additionally, if the workstation is compromised, its attacker can (usually) do everything that a user would be authorized to do. Network devices allow users to interact with other users and servers. Network devices are often targeted because they are usually configured more for performance than security. The third category, servers, has its own reasons for being a security target, which are explored in this chapter. In should be noted that in this chapter MAC stands for mandatory access control.
General Server Risks
In the past, most of the attacks on networks have been focused on servers. Network servers are prime targets for the following reasons:
They hold large volumes of critical data. In the same way that banks are robbed because "that's where the money is," hackers are very interested in servers and the data that they hold.
If compromised, a server may provide the attacker access to many workstations. Most setups are such that the server is trusted and the workstation must authenticate to the server. This may leave the workstation vulnerable to attack if the server ...
Get Network Security Bible, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
