30 Jun ISSC363 Apache and Microsoft IIS Tools and Techniques
Question Description
Need to respond to the below two students discussions with at least 150 words minimum per discussion response. Below int he bold will be the questions the students are responding to.
Question:
Two of the most popular web servers are Apache and Microsoft IIS. Discuss some of the tools and techniques used to secure these web servers.
Student one:
Two of the most popular web servers are Apache and Microsoft IIS. Discuss some of the tools and techniques used to secure these web servers.
The two most popular web servers are Apache and IIS(Internet Information Server) by Microsoft. While both servers are rather popular Apache is the most used and most popular of the two because Apache can run on different operating systems however IIS is pretty much just for Microsoft operating systems. Because of this apache tends to be more flexible in its usage but Microsoft IIS is fully integrated for the Microsoft system which makes it easier to use.
Some tools and techniques used to secure these web servers are keeping the server up to date. Updating the server helps harden the security because there are always new threats, risk, and vulnerabilities that may cause harm to the system if not kept updated. Another good technique is only allowing the operations and modules that are needed and closing the ones that are not used often allowing applications to run that aren’t in use leaves an open port or gateway onto the system. It is also recommended for the Apache server to remove the server version banner. By removing the banner you are not allowing others the chance to use this information against you. Microsoft LLS comes with a lockdown tool, that allows the user to configure the security of the server. “The tool disables unused script mappings, which were the root cause of both the Nimda and Code Red worms.”(Kotek, 2003) Use authorization in combination with authentication to secure access to content on your server. This allows the user to limit who can have access to the information on the server and what machines can communicate with the server.
References:
Kotek, Brian, “Lock IT Down: Use these tools to tighten security in IIS”, October 6, 2003,www.techrepublic.com/article/lock-it-down-use-thes…
-Josiah
Student two:
With the two most popular web servers being Apache and Microsoft Internet Information Services servers, it is imperative that you secure those servers the most. There are several exploits available for Apache servers, which cause significant concerns. The major exploits are usually countered by several best practices when setting up the server. First, you have to disable the trace HTTP request option so that malicious actors can’t steal cookie information, run Apache with the signature set to off so you don’t give out the version number you’re running, disable all the banners sent back to the clients which usually include the clients operating system, restrict access to a specific network if you can, don’t use SSL 2.0 and 3.0 because they have significant vulnerabilities, definitely disable the directory listing so that people can’t look at your directories and to avoid unnecessary vulnerabilities remove the unnecessary DSO modules and above all ensure to update with all security updates. (Kumar, 2018)
The Microsoft Internet Information Services (IIS) servers are also vulnerable so just like the Apache servers there are a few best practices employed to secure them as well. According to the experts at TechTarget, ensure you include Windows authentication integrated with the client certificate authentication and ASP.NET form based authentication and URL authentication. You must also use IPv4 address and domain name rules to prevent access to unauthorized IP address, disable dynamic content so malicious software isn’t run. With those rules the Microsoft IIS servers are more secure than the Apache servers, but you must also remember to update the security patches all the time as well. (Cobb, 2010)
Works Cited
Cobb, M. (2010, October). Microsoft IIS 7 security best practices. Retrieved from TechTarget: https://searchsecurity.techtarget.com/tip/Microsoft-IIS-7-security-best-practices
Gibson, D. (2014). Managing Risk in Information Systems. Jones & Bartlett Learning.
Kumar, C. (2018, March 2). 10 Best Practices To Secure and Harden Your Apache Web Server. Retrieved from GeekFlare: https://geekflare.com/10-best-practices-to-secure-and-harden-your-apache-web-server/
-John Ford
Our website has a team of professional writers who can help you write any of your homework. They will write your papers from scratch. We also have a team of editors just to make sure all papers are of HIGH QUALITY & PLAGIARISM FREE. To make an Order you only need to click Ask A Question and we will direct you to our Order Page at WriteDemy. Then fill Our Order Form with all your assignment instructions. Select your deadline and pay for your paper. You will get it few hours before your set deadline.
Fill in all the assignment paper details that are required in the order form with the standard information being the page count, deadline, academic level and type of paper. It is advisable to have this information at hand so that you can quickly fill in the necessary information needed in the form for the essay writer to be immediately assigned to your writing project. Make payment for the custom essay order to enable us to assign a suitable writer to your order. Payments are made through Paypal on a secured billing page. Finally, sit back and relax.
About Writedemy
We are a professional paper writing website. If you have searched a question and bumped into our website just know you are in the right place to get help in your coursework. We offer HIGH QUALITY & PLAGIARISM FREE Papers.
How It Works
To make an Order you only need to click on “Order Now” and we will direct you to our Order Page. Fill Our Order Form with all your assignment instructions. Select your deadline and pay for your paper. You will get it few hours before your set deadline.
Are there Discounts?
All new clients are eligible for 20% off in their first Order. Our payment method is safe and secure.