Home > Articles > Security > Software Security

Stuart McClure's Daily Security Tips for the Week of November 11th

  • Print
  • + Share This
Take a tip from Stuart McClure, the lead author of the best-selling, critically acclaimed security book, "Hacking Exposed." This week, Stu shares some web security tips for systems and network managers.
From the author of

Web Security Tip for Friday, November 15th, 2002

Ensure limited privileges – The web services and databases services typically run as a user or administrator of the system. As such, you must limit the user privileges these services have. For example, while Microsoft's SQL Server comes installed with the "sa" user, you should never use it for normal day-to-day database access within your application. Instead, you should create a new user with some (but not all) privileges; just enough to get the job done. For more information on SQL Server user privileges, check out www.sqlsecurity.com.

Web Security Tip for Thursday, November 14th, 2002

Strong authentication – Brute force attacks take advantage of weak passwords. And while the password will be with us for decades to come in terms of authentication mechanisms, it is a good idea to audit these passwords regularly with a tool like John the Ripper (http://www.openwall.com/john/). If possible, you should move to a stronger form of authentication such as SecureID tokens from RSA (www.rsa.com).

Web Security Tip for Wednesday, November 13th, 2002

Enable auditing – Every major operating system and application has the ability to log requests. As such, you should enable as much logging as possible before bringing a system into production. This includes system audit logs such as those on Windows, web server logs, and database transaction logs.

Web Security Tip for Tuesday, November 12th, 2002

Remove unnecessary access – By default, most systems are set up with a multitude of unnecessary users and groups. Be sure to understand the needs of your applications and only allow access to users who indeed need it.

Web Security Tip for Monday, November 11th, 2002

Remove unnecessary network services – This should be the mantra of all system administrators around the world. A default installed server with default installed operating systems and applications typically has so many services running that a hacker could drive a truck through them. So remove those services in any manner possible: stop services, edit /etc/inetd.conf files, stop running systray icons, etc. If you want to know all the programs that are listening on certain ports, you can check out Vision by Foundstone (http://www.foundstone.com/ knowledge/forensics.html).

Check back here every weekday for another security tip!

  • + Share This
  • 🔖 Save To Your Account