Protecting Web Servers

Jun 12th, 2008

I have a client that hosts websites who emailed me to say that hackers are placing code in script tags or iframe tags on their web pages that point to another site, where an unsuspecting user would then download malware.

My question is: would CSA be the best solution to protect their web servers? I am open to other suggestions.



tsteger1 Thu, 06/12/2008 - 12:18

CSA would be a good solution though it is expensive and the learning curve can be steep.

There are canned policies and rules that do a pretty good job right out of the box.

Web servers would be easier to protect with CSA than desktops/laptops because they don't usually have users installing tons of weird crap on them (unless they're hackers).

I can't say if it's the best because I haven't used anything else.


Farrukh Haroon Thu, 06/12/2008 - 13:08

Besides CSA (or any other HIPS like ISS, McAfee Entercept, etc.), you also have to focus on the following:

  • Keep security patches for the OS and web server software/components up to date.
  • Secure web programming.
  • Vulnerability assessment using custom tools like WatchFire AppScan, Nikto, WebScarab, SPI Dynamics (forgot the product name), Cenzic Hailstorm, Acunetix, etc.
  • Manually validating the various inputs/forms/fields etc. yourself (if possible) or by hiring a professional pen-test company.
  • Other security best practices.
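
A detection check for the injection described in the original question, as an added example that is not part of the thread: it parses a hosted page and reports script and iframe tags whose src points at a host outside an allowlist, noting whether the tag is hidden. The allowlist, host names and sample page are constructed assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: hosts this site legitimately loads scripts or frames from.
ALLOWED_HOSTS = {"www.example.com", "cdn.example.com"}

# Constructed sample page: two legitimate scripts, two injected tags.
SAMPLE_PAGE = """<html><head>
<script src="/js/site.js"></script>
<script src="http://cdn.example.com/lib.js"></script>
</head><body>
<p>Welcome</p>
<iframe src="http://injected.invalid/x" width="0" height="0"></iframe>
<script src="//ads.unknown.invalid/a.js"></script>
</body></html>"""


class EmbedAuditor(HTMLParser):
    """Collect <script src> and <iframe src> tags that load from unapproved hosts."""

    def __init__(self, allowed_hosts):
        super().__init__()
        self.allowed = {h.lower() for h in allowed_hosts}
        self.findings = []  # tuples of (line, tag, host, hidden)

    def handle_starttag(self, tag, attrs):
        if tag not in ("script", "iframe"):
            return
        a = {k: (v or "") for k, v in attrs}
        # urlsplit also resolves protocol-relative URLs such as //host/a.js
        host = (urlsplit(a.get("src", "").strip()).hostname or "").lower()
        if not host or host in self.allowed:
            return  # inline script, relative URL, or approved host
        style = a.get("style", "").replace(" ", "").lower()
        # Heuristic: zero-size or CSS-hidden frames are rarely legitimate.
        hidden = (a.get("width") == "0" or a.get("height") == "0"
                  or "display:none" in style or "visibility:hidden" in style)
        self.findings.append((self.getpos()[0], tag, host, hidden))


def audit_page(html, allowed_hosts=ALLOWED_HOSTS):
    """Return off-allowlist script/iframe sources found in one HTML document."""
    auditor = EmbedAuditor(allowed_hosts)
    auditor.feed(html)
    auditor.close()
    return auditor.findings


if __name__ == "__main__":
    for line, tag, host, hidden in audit_page(SAMPLE_PAGE):
        print(f"line {line}: <{tag}> loads from {host} (hidden={hidden})")
```

Run over every file under the web root on a schedule, any finding is a page to compare against the last known-good copy.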



