O'Reilly logo

Web Security and Commerce by Gene Spafford, Simson Garfinkel

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Minimizing Risk by Minimizing Services

An important way to minimize the threats to your web server is by minimizing the other services that are offered by the computer on which the web server is running. This technique works because each network service carries its own risks. By eliminating all nonessential services, you eliminate potential doors through which an attacker could break into your system.

Table 13.1 lists some of the services that you should disable or restrict if you wish to run a secure server. Many of these services are widely considered “safe” today, but that doesn’t mean that a serious flaw won’t be discovered in one of these services sometime in the future. At the very least, excessive connections to a “safe” service can result in significant denial of service. If you don’t need a service, disable it.

Table 13-1. Services ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required