Chapter 15. Host Security for Servers


Host security is the security of the computer on which your web server is running. Traditionally, host security has been a computer security topic unto itself. Whole books (including a couple of our own) have been written on it.

Host security was in its heyday in the 1980s and early 1990s, when dozens or even hundreds of people shared the same computer. Many of these systems were at universities, where one of the goals of the system operators was to prevent students from seeing each other's coursework. Other systems were at government installations, where the systems needed to store and segregate "Secret" from "Top Secret" information. As a result, host security was traditionally concerned with questions of protecting the operating system from users, protecting users from each other, and performing auditing measures.

The 1990s saw a dramatic shift in the emphasis and importance of host security. It seems that many organizations placed less emphasis on host security once each person had exclusive use of a computer. This perspective is misguided because, as we have seen, distributed systems can be as vulnerable (if not more so) to the security problems that can affect large time-sharing systems. One explanation for the decreased attention to host security is that assuring host security in a distributed environment is significantly more complicated and more expensive, and in fact has proven to be beyond the capabilities of many organizations. Another explanation is that too many people are more concerned with the cost and ease of deploying systems that are impossible to secure.[1]

[1] This is especially true of government systems. Sadly, cost-containment pressures have led even the military to build safety-critical systems, systems absolutely vital for national and theater defense, on commercial platforms with defective or weak security features and horrendous records of exploitable flaws in released products.

The Web has reignited interest in host security. The measures that were developed in the 1980s and 1990s for protecting a computer system against its users and protecting the users against each other work equally well for protecting a computer system against an external attacker, especially if that attacker is able to gain some sort of foothold in your computer system to start running his own programs. After all, the computer on which your web server is running has access to all of the web server's files; it can monitor all of the web server's communications, and it can even modify the web server itself. If an attacker has control of your computer's operating system, it is impossible to use that computer to provide secure services.

Because of size and time constraints, this book cannot provide you with a step-by-step guide to building a secure Internet host. Instead, this chapter discusses some of the most common security problems that affect computers being used to offer web services and then describes how to build a web server that minimizes these problems. Appendix E includes references to other books that provide more detailed host security information.



Web Security, Privacy & Commerce
Web Security, Privacy and Commerce, 2nd Edition
ISBN: 0596000456
EAN: 2147483647
Year: 2000
Pages: 194
