Tip

Balance security and open communications

Barrie Sosinsky

Emerging technologies and business practices add complexity, and often vulnerability, to state-of-the-art e-commerce sites. This is reflected in the significantly more complex security environments that exist in many organizations. Without proper testing in sample environments, the promise of quality security is illusory.

Unfortunately, very few companies have the opportunity to establish sites dedicated to testing security. These sites are both expensive and labor intensive -- two resources that most IT shops do not have in surplus. Thankfully, organizations exist to perform security testing for you -- even better, many share their results free of charge. Most of these sites are sponsored by the vendors who supply the products that form the foundation of the network being tested. For instance, the Openhack site, a site built to test network security, invites hackers to try to penetrate it and pays rewards if they do. Cracking into Openhack.com pays rewards ranging from $500 for defacing the Web server to $1,500 for compromising the e-mail server to $2,500 for cracking into the database server. No prizes are given for DDoS (distributed denial-of-service) attacks.

Funded by many companies, including PSINet, Microsoft, Sun, Axent and more, Openhack is a useful tool for learning about network security for e-business sites.

About the author:

Barrie Sosinsky (barries@killerapps.com) is president of consulting company Sosinsky and Associates (Medfield, MA). He has written extensively on a variety of computer topics. His company specializes in custom software (database and Web related), training and technical documentation.


Related book

E-Commerce Security: Weak Links, Best Defenses
Author : Anup K. Ghosh
Publisher : John Wiley & Sons
ISBN/CODE : 0471192236
Cover Type : Soft Cover
Pages : 304
Published : Jan. 1998
Summary:
Written by security expert Anup K. Ghosh, E-Commerce Security highlights the weak links and provides best defenses for individuals and enterprises connected to the Internet. This valuable guide addresses vulnerabilities in four essential components of electronic commerce -- the data transport protocol, Web server, Web clients and the network server operating system.


This was first published in December 2000
