Manualshelf

User guide

ManualsBrandsRed Hat ManualsComputer equipmentNETSCAPE ENTERPRISE SERVER 6.0 - PROGRAMMER GUIDE TO SERVLETS
21222324252627282930
Chapter 1: Security Risks
1-4
Countermeasures Against Exploitation of User IDs and Passwords
In an environment open to limited users like an intranet, it is not likely that user IDs and passwords will
be decrypted. Such an environment is often the management base of user ID and password
information, and the information of user IDs and passwords is often saved in a file. If this file is
accessible by unauthorized users, there is a high risk of exploitation of the user ID and password
information. An effective countermeasure against this threat is to set appropriate access permissions to
files storing user ID and password information.
Countermeasures Against Tampering of Data Recorded In Files
To use the Interstage Management Console and the Interstage Operation Tool, the Interstage HTTP
Server environment definition file is required. If the information in this file is illicitly tampered with, it may
disable the Interstage Management Console and the Interstage Operation Tool and cause various
problems. An effective countermeasure against this threat is to set appropriate access permissions on
this file. For Solaris OE system or Linux system, refer to Enhancing Security (Protecting Interstage
Resources) in Appendix A.
Periodic backups are also effective. For information about backups, refer to Maintenance (Resource
Backup) in the Interstage Operator's Guide.
Countermeasures Against Exploitation of Information Recorded in Files
There are files storing information necessary for operation of the Interstage Management Console and
the Interstage Operation Tool. The contents of these files are also a part of resources, and it is
important to prevent exploitation of them. To cope with the threat of exploitation of information, it is
effective to set appropriate access permissions on these files. For Solaris OE system or Linux system,
refer to Enhancing Security (Protecting Interstage Resources) in Appendix A.
Countermeasures Against Damage to Files
In the environment of the Interstage Management Console and the Interstage Operation Tool, there are
important files like the environment definition file. If information in these files is illicitly tampered with, it
may disable the Interstage Operation Tool and cause various problems. An effective countermeasure
against this threat is to set appropriate access permissions on these files. For Solaris OE system or
Linux system, refer to Enhancing Security (Protecting Interstage Resources) in Appendix A.
Periodic backups are also effective. For information about backups, refer to Maintenance (Resource
Backup) in the Operator's Guide.