Communication Security: Web Based Services • Chapter 5  257

                 logon.Authorizations over the Internet should always be considered insecure unless
                 strong encryption mechanisms are in place to protect them. Secure Sockets Layer
                 (SSL) can be used to protect Web traffic; however, the protection it offers is not sig-
                 nificant enough to protect internal accounts that are exposed on the Internet.

                 Handling Directory and Data Structures

                 Planning the hierarchy or structure of the Web root is an important part of
                 securing a Web server.The root is the highest level Web in the hierarchy that con-
                 sists of Webs nested within Webs.Whenever possible,Web server administrators
                 should place all Web content within the Web root.All the Web information (the
                 Web pages written in HTML, graphics files, sound files, and so on) is normally
                 stored in folders and directories on the Web server.Administrators can create virtual
                 directories, which are folders that are not contained within the Web server hierarchy
                 (they can even be on a completely different computer), but appear to the user to
                 be part of that hierarchy.Another way of providing access to data that is on another
                 computer is mapping drives or folders.These methods allow administrators to store
                 files where they are most easily updated or take advantage of extra drive space on
                 other computers. However, mapping drives, mapping folders, or creating virtual
                 directories can result in easier access for intruders if the Web server’s security is
                 compromised. It is especially important not to map drives from other systems on
                 the internal network.
                    If users accessing these Webs must have access to materials on another system,
                 such as a database, it is best to deploy a duplicate database server within the Web
                 server’s Demilitarized Zone (DMZ) or domain.The duplicate server should con-
                 tain only a backup, not the primary working copy of the database.The duplicate
                 server should also be configured so that no Web user or Web process can alter or
                 write to its data store. Database updates should come only from the original pro-
                 tected server within the internal network. If data from Web sessions must be
                 recorded into the database, it is best to configure a sideband connection from the
                 Web zone back to the primary server system for data transfers.Administrators
                 should also spend considerable effort verifying the validity of input data before
                 adding it to the database server.

                 Directory Properties

                 An important part of the security that can be set on a Web server is done through
                 the permissions set on directories making up the Web site.The permissions control
                 what a user or script can do within a specific directory, and allow Web administra-
                 tors to control security on a granular level.Although the procedures for setting


                                                                              www.syngress.com