O'Reilly logo

Web Security, Privacy & Commerce, 2nd Edition by Gene Spafford, Simson Garfinkel

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Securing the Host Computer

Here are some of the ways you might go about defending your computer system from these individuals.

Security Through Policy

It’s tempting to approach host security as a checklist of do’s and don’t’s for computers and networks. After all, to damage a computer, an attacker must have access. So in theory, to operate a secure system, all you need to do is to block all of the venues by which an attacker can get access, and the resulting system will be secure.

In practice, however, it has proved nearly impossible to have a computer that offers services over the network and yet still denies all access to attackers. Often access comes through unintended holes, such as a carelessly coded CGI script (see Chapter 16), or a buffer overflow attack that is known to the attacker but not the computer’s operators.

Instead of approaching host security as a laundry list of specific technical action items, it’s better to look at the kinds of practices that make computers less secure, and then explore the specific policy initiatives that you can implement to improve your security outlook.

For more than a decade, there have been nine widespread practices on the Internet that make host security far worse than it needs to be. These practices are:

  • Failure to think about security as a fundamental aspect of system setup and design (establishing policy)

  • Purchase and configuration of computing systems based on issues of cost or compatibility rather than on the desired functionality and ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required