Security of web servers and web services

Publikation: Beiträge in SammelwerkenAufsätze in SammelwerkenForschung

Standard

Security of web servers and web services. / Hockmann, Volker; Knöll, Heinz-Dieter; Leiss, Ernst L.
Encyclopedia of multimedia technology and networking. Hrsg. / Margherita Pagani. Hershey, PA: Information Science Reference, 2009. S. 1284-1292.

Publikation: Beiträge in SammelwerkenAufsätze in SammelwerkenForschung

Harvard

Hockmann, V, Knöll, H-D & Leiss, EL 2009, Security of web servers and web services. in M Pagani (Hrsg.), Encyclopedia of multimedia technology and networking. Information Science Reference, Hershey, PA, S. 1284-1292.

APA

Hockmann, V., Knöll, H.-D., & Leiss, E. L. (2009). Security of web servers and web services. In M. Pagani (Hrsg.), Encyclopedia of multimedia technology and networking (S. 1284-1292). Information Science Reference.

Vancouver

Hockmann V, Knöll HD, Leiss EL. Security of web servers and web services. in Pagani M, Hrsg., Encyclopedia of multimedia technology and networking. Hershey, PA: Information Science Reference. 2009. S. 1284-1292

Bibtex

@inbook{07b82649393346f8aaf0053c372b8bae,
title = "Security of web servers and web services",
abstract = "Web servers and the Web services associated with them have become increasingly important in the last few years. Online banking, e-mail, and money, business- to-business (B2B), and business-to-client (B2C) transactions are growing rapidly. It is difficult to imagine modern business without these forms of networking. However, there are also significant negative aspects. In many cases, due to competitive pressures, companies and government agencies had to implement these services very fast, often too fast and without any appreciation of the concepts of security and protection. As a consequence, it turns out that a hacker can misuse with little effort these Web services or compromise the underlying database (e.g., to obtain access to credit cards numbers or social insurance information). A very significant percentage of the population in developed and developing countries is using wired and wireless connections for reading e-mails, accessing newsgroups, or using Internet banking. All these services are running on a Web server. Most Web servers are running the Apache or the Microsoft Internet Information Server (IIS) (all versions of both servers [Apache 1.3.x/2.x, IIS 3-6]) (Netcraft, 2006). Of these, older versions of the Internet Information Server are especially vulnerable to numerous attacks. Therefore, an attacker is in a position to break, with little effort, into many Web servers running IIS 4 or 5. However, the Apache Web server (running on Windows systems) is also vulnerable to similar attacks. Moreover, using a Web server based on UNIX or Linux is not a guarantee for a secure system. UNIX and Linux systems are also affected by inherent weaknesses and vulnerabilities such as buffer overflows and the handling of format strings (ZDNet, 2006). Readers who like to have more general insight are referred to works by Leiss (1990) and Garfinkel and Spafford (2002). These books give broader perspectives on Internet security.",
keywords = "Business informatics",
author = "Volker Hockmann and Heinz-Dieter Kn{\"o}ll and Leiss, {Ernst L.}",
year = "2009",
language = "English",
isbn = "978-1605660141",
pages = "1284--1292",
editor = "Margherita Pagani",
booktitle = "Encyclopedia of multimedia technology and networking",
publisher = "Information Science Reference",
address = "United States",

}

RIS

TY - CHAP

T1 - Security of web servers and web services

AU - Hockmann, Volker

AU - Knöll, Heinz-Dieter

AU - Leiss, Ernst L.

PY - 2009

Y1 - 2009

N2 - Web servers and the Web services associated with them have become increasingly important in the last few years. Online banking, e-mail, and money, business- to-business (B2B), and business-to-client (B2C) transactions are growing rapidly. It is difficult to imagine modern business without these forms of networking. However, there are also significant negative aspects. In many cases, due to competitive pressures, companies and government agencies had to implement these services very fast, often too fast and without any appreciation of the concepts of security and protection. As a consequence, it turns out that a hacker can misuse with little effort these Web services or compromise the underlying database (e.g., to obtain access to credit cards numbers or social insurance information). A very significant percentage of the population in developed and developing countries is using wired and wireless connections for reading e-mails, accessing newsgroups, or using Internet banking. All these services are running on a Web server. Most Web servers are running the Apache or the Microsoft Internet Information Server (IIS) (all versions of both servers [Apache 1.3.x/2.x, IIS 3-6]) (Netcraft, 2006). Of these, older versions of the Internet Information Server are especially vulnerable to numerous attacks. Therefore, an attacker is in a position to break, with little effort, into many Web servers running IIS 4 or 5. However, the Apache Web server (running on Windows systems) is also vulnerable to similar attacks. Moreover, using a Web server based on UNIX or Linux is not a guarantee for a secure system. UNIX and Linux systems are also affected by inherent weaknesses and vulnerabilities such as buffer overflows and the handling of format strings (ZDNet, 2006). Readers who like to have more general insight are referred to works by Leiss (1990) and Garfinkel and Spafford (2002). These books give broader perspectives on Internet security.

AB - Web servers and the Web services associated with them have become increasingly important in the last few years. Online banking, e-mail, and money, business- to-business (B2B), and business-to-client (B2C) transactions are growing rapidly. It is difficult to imagine modern business without these forms of networking. However, there are also significant negative aspects. In many cases, due to competitive pressures, companies and government agencies had to implement these services very fast, often too fast and without any appreciation of the concepts of security and protection. As a consequence, it turns out that a hacker can misuse with little effort these Web services or compromise the underlying database (e.g., to obtain access to credit cards numbers or social insurance information). A very significant percentage of the population in developed and developing countries is using wired and wireless connections for reading e-mails, accessing newsgroups, or using Internet banking. All these services are running on a Web server. Most Web servers are running the Apache or the Microsoft Internet Information Server (IIS) (all versions of both servers [Apache 1.3.x/2.x, IIS 3-6]) (Netcraft, 2006). Of these, older versions of the Internet Information Server are especially vulnerable to numerous attacks. Therefore, an attacker is in a position to break, with little effort, into many Web servers running IIS 4 or 5. However, the Apache Web server (running on Windows systems) is also vulnerable to similar attacks. Moreover, using a Web server based on UNIX or Linux is not a guarantee for a secure system. UNIX and Linux systems are also affected by inherent weaknesses and vulnerabilities such as buffer overflows and the handling of format strings (ZDNet, 2006). Readers who like to have more general insight are referred to works by Leiss (1990) and Garfinkel and Spafford (2002). These books give broader perspectives on Internet security.

KW - Business informatics

M3 - Contributions to collected editions/anthologies

SN - 978-1605660141

SN - 1605660140

SP - 1284

EP - 1292

BT - Encyclopedia of multimedia technology and networking

A2 - Pagani, Margherita

PB - Information Science Reference

CY - Hershey, PA

ER -