JavaScript
  Home arrow JavaScript arrow Page 2 - Protecting the Server
Dev Articles Forums 
ADO.NET  
Apache  
ASP  
ASP.NET  
C#  
C++  
ColdFusion  
COM/COM+  
Delphi-Kylix  
Design Usability  
Development Cycles  
DHTML  
Embedded Tools  
Flash  
Graphic Design  
HTML  
IIS  
Interviews  
Java  
JavaScript  
MySQL  
Oracle  
Photoshop  
PHP  
Reviews  
Ruby-on-Rails  
SQL  
SQL Server  
Style Sheets  
VB.Net  
Visual Basic  
Web Authoring  
Web Services  
Web Standards  
XML  
Mobile Linux 
App Generation ROI 
IBM® developerWorks 
Weekly Newsletter
 
Developer Updates  
Free Website Content 
 RSS  Articles
 RSS  Forums
 RSS  All Feeds
Write For Us Get Paid 
Request Media Kit
Contact Us 
Site Map 
Privacy Policy 
Support 
 USERNAME
 
 PASSWORD
 
 
  >>> SIGN UP!  
  Lost Password? 
JAVASCRIPT

Protecting the Server
By: O'Reilly Media
  • Search For More Articles!
  • Disclaimer
  • Author Terms
    		•
    Rating: stars stars stars stars stars / 0
    2008-09-11

    Table of Contents:
  • Protecting the Server
  • Network Security
  • Security concerns
  • Network tiers and the DMZ
    		•

    Rate this Article: Poor Best 
      ADD THIS ARTICLE TO:
      Del.ici.ous Digg
      Blink Simpy
      Google Spurl
      Y! MyWeb Furl
    Email Me Similar Content When Posted
    Add Developer Shed Article Feed To Your Site
    Email Article To Friend
    Print Version Of Article
    PDF Version Of Article
    		 
     
    ADVERTISEMENT

    Protecting the Server - Network Security
    (Page 2 of 4 )

    See that funny-looking telephone-like cable coming out of your DSL/cable modem? That’s the Internet. Before we can set up a web server, we must first prepare the network. You don’t want to plug the web server into the Internet with a giant Hack Me sign on it, do you? We must take some precautions first.

    What we really need to do is separate us from them, right? Us being—you know—us, and them being—well—the bad guys. We need a wall—make that a firewall—to keep them out.

    Firewalls

    A firewall is a device sitting between a private network and a public network. Part of what helps make a private network private is, in fact, the firewall. The firewall’s job is to control traffic between computer networks with different zones of trust—for example, an internal, trusted zone, such as a private network, and an external, non-trusted zone, such as the Internet.

    Trust boundaries

    Different trust zones meet in what is known as trust boundaries. It is like a seam in the network and, as mentioned earlier, seams require added security attention. We need to make sure that all the gaps are filled and that the firewall allows the right kind of traffic. We do this with firewall rules. Firewall rules establish a security policy governing what traffic is allowed to flow through the firewall and in what direction.

    The ultimate goal is to provide a controlled interface between the different trust zones and enforce common security policy on the traffic that flows between them based on the following security principles:

    Principle of least privilege
       A user should be allowed to do only what she is
       required to do.

    Separation of duties
           Define roles for users and assign different levels of
       access control. Control how the application is
       developed, tested, and deployed and who has
       access to application data.

    Firewalls are good at making quick decisions about whether one machine should be allowed to talk to another. The easiest way for the firewall to do this is to base its decisions on source address and destination address.

    Next: Security concerns >>
     

    More JavaScript Articles
    More By O'Reilly Media


     
    >>> Be the FIRST to comment on this article!

    Buy this book now. This article is excerpted from chapter four of the book Securing Ajax Applications: Ensuring the Safety of the Dynamic Web, written by Christopher Wells (O'Reilly, 2007; ISBN: 0596529317). Check it out today at your favorite bookstore. Buy this book now.

    JAVASCRIPT ARTICLES

    - Using jQuery to Preload Images with CSS and ...
    - Using Client-Side Scripting to Preload Image...
    - Removing Non-Semantic Markup when Preloading...
    - Using the Display CSS Property to Preload Im...
    - Preloading Images with CSS and JavaScript
    - Scaling and Moving Web Page Elements with th...
    - Fading, Hiding and Sliding HTML Elements wit...
    - Toggling CSS Properties with the GX JavaScri...
    - Cancel, Queue and Pause Animations with the ...
    - Producing Elastic Effects with the GX JavaSc...
    - Moving Divs Diagonally with the GX JavaScrip...
    - Moving Elements Vertically and Horizontally ...
    - Making Bouncing Effects in Parallel with the...
    - Creating Bouncing Effects with the GX JavaSc...
    - Manipulating Background Colors with the GX J...
    Find More JavaScript Articles






    © 2003-2010 by Developer Shed. All rights reserved. DS Cluster 1 Hosted by Hostway
    For more Enterprise Application Development news, visit eWeek