"The authors...bring wide-ranging experience to this work, moving from
theory to hands-on, bit-shoveling practical advice." - Steve Bellovin
Why we wrote this book
The World Wide Web is the first universal middleware ready for prime
time. The combination of formats, protocols, and programming language
that constitute the Web enables users on different platforms to run the
same applications automatically. Religious Macintosh users can utilize
the Web, as can PC users and Unix gurus. The ability to reach so many
users at once has sparked a revolution in the information and
applications available to everyone. The Web made the Internet as much a
household fixture as the microwave and the television.
However, there is a big difference. A defect in a particular brand of
microwave may have unpleasant side effects for its owner, but a
security bug in a Web browser could cause millions of people serious
loss of information, privacy, or both. Another difference between the
Web and other household appliances is that users interact directly with
servers on the Web. Shopping via the Web is already commonplace. It is
unlikely that your television will leak out your credit card number to
hundreds of unscrupulous people, but the Web can do just that.
We believe that the number one obstacle for further growth and
acceptance of the Web for many tasks is security. Another incident like
the 1988 Morris worm, which disabled millions of computers around the
world, could be catastrophic. It could even result in widespread
paranoia about the Internet. The wealth of information on the Web would
diminish if companies were too scared to participate.
We wrote this book to highlight important security concerns for Web
users. We also present ways to improve the security of clients and
servers. In addition, we explore the security implications of Java,
Who Should Read This Book
This book is intended for anyone who is concerned about security on the
Web, is in charge of security for a network, or manages an organization
that uses the Web. It is especially suited for Webmasters and system
administrators who are concerned with security of their information and
computing environments. People whose everyday jobs involve maintaining
a Web site will want to read the entire book; it could also serve as a
handy reference for any security or Web professional.
How This Book Is Organized
Chapter 1 gives an overview of the threats we face as users of the Web.
It presents several examples as well as simple defense mechanisms. The
dangers of the Web from a user's perspective are discussed, and the
chapter lays the foundation for the rest of the book.
Chapter 2 gives the basics of securing the client environment largely
through the security options on the most popular browsers. Netscape
Navigator and Internet Explorer are analyzed in detail for security
options and flaws. The chapter covers everything from obtaining a valid
browser over the Internet to setting security options and unsetting
Chapter 3 delves more deeply into client-side security issues and user
privacy issues. The first part of the chapter examines techniques for
user certification on the Web. Verisign's digital IDs are examined in
depth. Cookies and their affect on privacy are explored, as well as
some advanced anonymity techniques such as mixes, onion routing, the
anonymizer and anonymous e-mail.
discusses the security implications of the general model of downloading
executables to a client machine. The sandbox model assumes that the
execution environment can contain programs and limit their ability to
do damage, whereas the certification method assumes that executables
will carry credentials that will determine whether or not they can run.
Both models are explored in this chapter. Finally, some short-term and
long-term solutions are discussed.
Chapter 5 covers all of the basics of server-side security. Examples of
the most popular servers are discussed. The chapter contains
information about how to configure access control, commonly made
mistakes, the dependence on naming services, and many other issues.
Chapter 6 deals further with server-side security, covering the nitty
gritty details. For example, the chapter shows how to manage
server-side includes, how to incorporate certificates into servers,
integrity for web pages, code signing, and many other advanced issues.
Chapter 7 is very important. It deals with security issues regarding
CGI scripts, which are the most common way to provide "active" Web
pages that process user input. However, CGI scripts can be very
dangerous if not done correctly. First, input to the scripts must be
sanitized to avoid shell escapes and other characters from interfering
with the execution. There are also programs out there to help. CGIWrap
is one such tool discussed in this chapter. Finally, Perl, TCL, and
other scripting languages are discussed.
Chapter 8 discusses the interaction between firewalls and the Web. The
chapter shows how to configure proxies for use with firewalls, as well
as interaction between firewalls and other security policies such as
how to handle executable content through a firewall.
Chapter 9 discusses how transport is secured on the Web. SSL is
Netscape's protocol that has been widely adopted to authenticate
servers and encrypt communications. Another approach is to secure the
IP layer in the protocol stack. The various approaches are explained
and compared in this chapter.
Chapter 10 deals with securing commerce on the Web. It describes
various systems and their protocols. Among the systems covered are
First Virtual, Cybercash, Digicash, Open Market, the SET protocol of
Visa and Mastercard, and Millicent. In addition to comparing and
contrasting the payment methods and the security of the various
schemes, the chapter also discusses search engine security.
Chapter 11 projects our view of the future of the Web and Web
The chapters were written to stand on their own, so you can pick and
choose the topics you care most about. Whenever appropriate, the
chapters cross-reference one another. However, if you are going to read
the whole book, the best approach is to go straight through the
chapters in order. Chapters 2, 3, 5, and 6 might be the most useful for
Webmasters, while the other chapters are easier reading for less