Step 8. Ports


Services that run on the server use specific ports so that they can serve incoming requests. Close all unnecessary ports and perform regular audits to detect new ports in the listening state, which could indicate unauthorized access and a security compromise.

During this step, you:

  • Restrict Internet-facing ports to TCP 80 and 443.

  • Encrypt or restrict intranet traffic.

Restrict Internet-Facing Ports to TCP 80 and 443

Limit inbound traffic to port 80 for HTTP and port 443 for HTTPS (SSL).

For outbound (Internet-facing) NICs, use IPSec or TCP filtering. For more information, see "How To: Use IPSec" in the "How To" section of this guide.
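The audit the step calls for (detect listeners that are not TCP 80 or 443 on the Internet-facing NIC, and detect ports that were not listening at the last audit) can be scripted. The following is an added example, not code from the book: it parses netstat-style output, the sample below is constructed rather than captured from a real host, and the NIC addresses, the intranet allowlist and the baseline are assumptions chosen for illustration. It generalizes the step slightly by applying a separate allowlist to the intranet NIC and treating wildcard binds (0.0.0.0, [::]) as exposed on every interface.

```python
"""Audit TCP listeners against a per-NIC allowlist and a previous baseline.

Added example (not from the book). Assumptions: the two NIC addresses,
the intranet allowlist, the baseline set and the sample netstat text.
"""
import re
from typing import Dict, List, Set, Tuple

Listener = Tuple[str, int]

INTERNET_NIC = "203.0.113.10"          # assumed Internet-facing NIC address
INTRANET_NIC = "10.0.0.10"             # assumed intranet-facing NIC address
WILDCARDS = {"0.0.0.0", "[::]", "::"}  # a wildcard bind listens on every NIC

# Per-NIC allowlists. Internet side: TCP 80 and 443 only, as the step requires.
# Intranet side: 80/443 plus 3389 for remote administration (an assumption).
ALLOWED: Dict[str, Set[int]] = {
    INTERNET_NIC: {80, 443},
    INTRANET_NIC: {80, 443, 3389},
}

# Constructed sample of `netstat -an` output; not captured from a real server.
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING
  TCP    [::]:443               [::]:0                 LISTENING
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    10.0.0.10:3389         0.0.0.0:0              LISTENING
  TCP    203.0.113.10:80        198.51.100.7:51522     ESTABLISHED
  UDP    0.0.0.0:161            *:*
"""

# Listeners recorded at the previous audit (assumed); 135 was not among them.
BASELINE: Set[Listener] = {("0.0.0.0", 80), ("[::]", 443), ("10.0.0.10", 3389)}

# Only TCP sockets in LISTENING state matter for this audit.
LISTEN_RE = re.compile(r"^\s*TCP\s+(\S+)\s+\S+\s+LISTENING\s*$", re.MULTILINE)


def parse_listeners(netstat_text: str) -> List[Listener]:
    """Return (local address, port) for every TCP socket in LISTENING state."""
    listeners = []
    for local in LISTEN_RE.findall(netstat_text):
        addr, port = local.rsplit(":", 1)  # rsplit so "[::]:443" splits on the last colon
        listeners.append((addr, int(port)))
    return listeners


def exposed_ports(listeners: List[Listener], nic: str) -> Set[int]:
    """Ports reachable through `nic`: bound to it explicitly or to a wildcard."""
    return {port for addr, port in listeners if addr == nic or addr in WILDCARDS}


def audit(listeners: List[Listener], baseline: Set[Listener]) -> dict:
    """Report per-NIC allowlist violations and listeners absent from the baseline."""
    return {
        "violations": {nic: exposed_ports(listeners, nic) - allowed
                       for nic, allowed in ALLOWED.items()},
        "new_listeners": set(listeners) - baseline,
    }


if __name__ == "__main__":
    report = audit(parse_listeners(SAMPLE_NETSTAT), BASELINE)
    for nic, ports in report["violations"].items():
        print(f"{nic}: ports outside allowlist -> {sorted(ports) or 'none'}")
    print("new since last audit:", sorted(report["new_listeners"]) or "none")
```

Run on a real host, replace SAMPLE_NETSTAT with the captured output and persist the current listener set as the next baseline; any entry in new_listeners is the "new port in the listening state" the step tells you to investigate.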

Encrypt or Restrict Intranet Traffic

For inside (intranet-facing) NICs, if you do not have a secure data center and you have sensitive information passing between computers, you need to consider whether to encrypt the traffic and whether to restrict communications between the Web server and downstream servers (such as an application server or database server). Encrypting network traffic addresses the threat posed by network eavesdropping. If the risk is deemed sufficiently small, you may choose not to encrypt the traffic.

The type of encryption used also affects the types of threats that it addresses. For example, SSL is application-level encryption, whereas IPSec is transport layer encryption. As a result, SSL counters the threat of data tampering or information disclosure from another process on the same machine, particularly one running under a different account, in addition to the network eavesdropping threat.




Improving Web Application Security: Threats and Countermeasures
ISBN: 0735618429
Year: 2003
Pages: 613