New & Notable
Web Server Threats and Countermeasures News
June 25, 2014
NTP amplification had led to several recent massive DDoS attacks. Despite the good news, researchers say many other DDoS techniques remain unfixed.
March 19, 2014
Security vendor Imperva says thousands of enterprise Web servers are exposed to an easy-to-exploit PHP flaw despite a patch long being available.
January 29, 2014
Data from Arbor Networks shows an increase in DNS amplification attacks and application-layer DDoS attacks.
January 08, 2014
Update: A Cisco researcher says last week's malvertisement attacks using Yahoo ads likely began prior to December 2013.
Web Server Threats and Countermeasures Get Started
Bring yourself up to speed with our introductory content
A DNS amplification attack is a reflection-based distributed denial of service (DDos) attack. The attacker spoofs look-up requests to DNS servers to hide the source of the exploit and direct the response to the target. Through various techniques, ... Continue Reading
On the Internet, content filtering (also known as information filtering) is the use of a program to screen and exclude from access or availability Web pages or e-mail that is deemed objectionable. Continue Reading
Cache cramming is a method of tricking a computer into running Java code it would not ordinarily run. Continue Reading
Evaluate Web Server Threats and Countermeasures Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
Continuing with Windows Server 2003 after its end-of-life date is a problem waiting to happen. Michael Cobb offers pointers on an upgrade. Continue Reading
Rob Shapland explains how to achieve SSL certificate security and select the certificate that will best ensure the trust of your organization's users. Continue Reading
Video: Keith Barker of CBT Nuggets shows how to use Nikto, a free and open source tool, to scan for outdated or vulnerable Web servers. Continue Reading
Manage Web Server Threats and Countermeasures
Learn to apply best practices and optimize your operations.
Denial-of-service attacks may be impossible to prevent, but that doesn't mean there aren't ways to protect Web applications from them. Continue Reading
Man-in-the-middle attack defense requires careful, layered security. Michael Cobb reviews the tactics enterprises should employ to stay secure. Continue Reading
Application security expert Michael Cobb discusses the risks of Web browser extensions and what enterprises can do to counter browser plug-in threats. Continue Reading
Problem Solve Web Server Threats and Countermeasures Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
With Apache Web servers becoming ever more popular with attackers, organizations should follow Apache security best practices to avoid compromise. Continue Reading
Expert Nick Lewis details how misconfigured DNS resolvers can be used for DDoS DNS attacks and how organizations can secure them. Continue Reading
Expert Brad Casey discusses why effective brute-force SSH attack prevention means improving network monitoring instead of closing TCP port 22. Continue Reading