Revealed – 5 Web Application Security Threats
Consider the fallout if someone hacked your Website and altered the content of your site.
What would that do to your customer base?
Do you think their confidence in your ability to conduct business over the Internet would change?
What are the potential security threats to your Web application server? The threats are many. In fact, nearly every device that connects directly to the Internet on a broadband or dedicated (always on) connection is scanned multiple times.
Every device connected to the Internet receives an Internet Protocol (IP) address. That address has two components, a network component and a host component. A hacker can launch a program to ‘ping’ every host address within a given network and log the results. Simple analysis of the results reveals which addresses are assigned to active devices, because those devices respond to the ‘ping’. Armed with a list of active devices, the hacker launches other scans to determine the operating system or application programs the active device runs. Many operating systems and applications have security vulnerabilities that the hacker exploits.
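A defender's view of the ping sweep described above, as an added example that is not part of the original article: it flags any source that sends ICMP echo requests to many distinct hosts of one network within a short window. The log line format, the addresses, the thresholds and the function names are constructed for illustration.

```python
import ipaddress
from collections import defaultdict
from datetime import datetime, timedelta

T0 = datetime(2024, 1, 1, 10, 0, 0)

def sample_line(offset_s, src, host):
    """Build one constructed log line: '<timestamp> ICMP echo-request <src> -> <dst>'."""
    ts = (T0 + timedelta(seconds=offset_s)).isoformat()
    return f"{ts} ICMP echo-request {src} -> 192.0.2.{host}"

# Constructed sample traffic (documentation address ranges, not real hosts).
SAMPLE_LOG = (
    [sample_line(i, "203.0.113.50", i + 1) for i in range(20)]        # fast sweep: 20 hosts in 20 s
    + [sample_line(i * 30, "198.51.100.7", 10) for i in range(5)]     # monitor pinging one host
    + [sample_line(i * 600, "198.51.100.9", i + 1) for i in range(12)]  # slow sweep: 1 host / 10 min
)

def find_sweeps(lines, network, min_hosts=10, window=timedelta(seconds=60)):
    """Return {source: most distinct hosts pinged in any window} for sources
    that reach min_hosts distinct addresses of `network` within `window`."""
    net = ipaddress.ip_network(network)
    events = defaultdict(list)
    for line in lines:
        fields = line.split()
        if len(fields) != 6 or fields[1:3] != ["ICMP", "echo-request"]:
            continue  # skip malformed lines and non-ping traffic
        dst = ipaddress.ip_address(fields[5])
        if dst in net:
            events[fields[3]].append((datetime.fromisoformat(fields[0]), dst))
    flagged = {}
    for src, evs in events.items():
        evs.sort()
        start = 0
        for end in range(len(evs)):
            while evs[end][0] - evs[start][0] > window:
                start += 1  # drop events older than the window
            hosts = {dst for _, dst in evs[start:end + 1]}
            if len(hosts) >= min_hosts:
                flagged[src] = max(flagged.get(src, 0), len(hosts))
    return flagged

if __name__ == "__main__":
    for src, count in find_sweeps(SAMPLE_LOG, "192.0.2.0/24").items():
        print(f"possible ping sweep from {src}: {count} hosts within 60 s")
```

A sweep spread over hours stays under a 60-second window, so the window length and host threshold need tuning against normal traffic.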
So, what can the hacker do if he or she discovers vulnerabilities on your Web application server?
Let’s examine 5 Web application security threats.
1. Defacement and Altered Content. Once a hacker gains access to your system, the content is at his mercy. As previously stated, what would be the fallout if someone altered the content of your Web Server? If you rely upon your Web Server or Website to generate revenue or drive customers to your business, defacement or altered content could irreparably damage your relationship with your customers and prospects.
2. Data Theft. Another potential threat is data theft. If your site has e-mail addresses, account numbers, or other sensitive data, a hacker may steal that data and exploit it to his or her own gain. Imagine having to explain to your customers that the information stolen from your server led to identity theft or the unauthorized use of their financial data.
3. Unauthorized Access to Applications and System Resources. Sometimes a hacker uses your system for his or her own purposes, merely denying you the ability to efficiently and effectively use your system. The fallout ranges from a minor inconvenience to a major catastrophe.
4. Denial of Service Attacks. Some hackers launch denial of service attacks, which overwhelm the connection and deny you and your customers access to your Website. Again, the fallout ranges from a minor inconvenience to a major catastrophe.
5. Propagation of Viruses, Worms, and Other Malware. Sometimes a hacker may access your system to use it as a springboard to launch viruses, worms or other forms of malware. This is done on your system to cover the hacker’s tracks.
The point is, take the security of your system seriously and employ all of the methods at your disposal to harden your site against attack.
Author: Tomer Shoha
Article Source: EzineArticles.com
Provided by: Pressure cooker