Saturday, October 19, 2019

Practical UNIX Security Assignment Example | Topics and Well Written Essays - 2500 words

Practical UNIX Security - Assignment Example However, these modules require frequent updates for virus definitions and new threats, which may affect the network anytime. Every now and then, new threats are designed and developed by hackers or cyber criminals. In spite of securing the networks and data centers, with the most updated and advanced security modules, there is still a probability of a new threat to intrude into the network. In addition, hackers and cyber criminals are exploring efficient codes day by day to improve the hacking software, in order to breach in to classified information, banks, online websites etc. As the threats and vulnerabilities are infinite, no one can memorize them in order to take a measured approach, the initial step is to identify the vulnerability type. An organization named as CVE (Common Vulnerabilities and Exposure) provides a database to search for a particular public known vulnerability. The sponsors for CVE are US-CERT and managed by MITRE Corporation. The goal is to provide common names for all publicly known security threats and exposures. In order to extract information from CVE, access of National Vulnerability Database is mandatory (NVD) (Cve. 2011). (CVE) The Standard A comprehensive definition is available on the CVE website, which states as â€Å"Common Vulnerabilities and Exposures (CVE ®) is a dictionary of common names (i.e., CVE Identifiers) for publicly known information security vulnerabilities, while its Common Configuration Enumeration (CCEâ„ ¢) provides identifiers for security configuration issues and exposures. CVE’s common identifiers make it easier to share data across separate network security†. One more definition available in network dictionary states it as â€Å"common vulnerabilities and exposure is an emerging refers industry standard for identifying and naming vulnerabilities and various other information security exposures† (Common Vulnerabilities and Exposures. 2007). The primary objective of CVE is to provide a separate database accessible, in order to find out all the known threats and vulnerabilities currently, with the help of tools and services. What is CVE 3872 ? As CVE 3872 is a threat that operates on web technologies, before understanding CVE 3872, it is vital to focus on some of the web technologies that are associated with CVE 3872. Common Gateway Interface A newly developed website providing information must possess a database to store information, which is published on the website. In general, many people on the Internet will visit the website and access information, which is extracted from the database. This is where the importance of Common Gateway Interface (CGI) becomes useful. Dave Chaffy defines it as â€Å"A method of processing information on a web server in response to a customer’s request. Typically, a user will fill in a Web-based form and a CGI script (application) will process the results. Active Server Pages (ASP) are an alternative to a CGI script† (Chaffey 2006). Moreover, if the users query the database of the website, the CGI script will transmit the queries to the database and retrieves results on the website. It has become a standard for synchronizing information servers from external web applications. CGI is eminent in the form of a plain HTML file which his static, while CGI operates in a real time environment to display dynamic contents on a website. An

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.