Practical UNIX Security Assignment Example | Topics and Well Written Essays - 2500 words

Practical UNIX Security - grant ExampleHowever, these modules require frequent updates for virus definitions and new threats, which may affect the network any eon. Every like a shot and then, new threats are designed and developed by hackers or cyber criminals. In spite of securing the networks and data centers, with the or so updated and advanced security modules, there is still a probability of a new threat to prize into the network. In addition, hackers and cyber criminals are exploring efficient codes day by day to improve the hacking software, in order to dishonour in to classified development, banks, online websites etc. As the threats and vulnerabilities are infinite, no one can memorize them in order to take a measured approach, the initial step is to identify the vulnerability type. An organization named as CVE ( vernacular Vulnerabilities and Exposure) provides a database to search for a particular public known vulnerability. The sponsors for CVE are US-CERT and manag ed by MITRE Corporation. The polish is to provide common names for all publicly known security threats and exposures. In order to paint a picture teaching from CVE, coming of National Vulnerability Database is mandatory (NVD) (Cve. 2011). (CVE) The Standard A comprehensive definition is functional on the CVE website, which states as Common Vulnerabilities and Exposures (CVE) is a dictionary of common names (i.e., CVE Identifiers) for publicly known information security vulnerabilities, while its Common Configuration Enumeration (CCE) provides identifiers for security configuration issues and exposures. CVEs common identifiers hold up it easier to share data across separate network security. One more definition usable in network dictionary states it as common vulnerabilities and exposure is an emerging refers industry standard for identifying and naming vulnerabilities and various other information security exposures (Common Vulnerabilities and Exposures. 2007). The primary o bjective of CVE is to provide a separate database accessible, in order to find out all the known threats and vulnerabilities currently, with the help of tools and services. What is CVE 3872 ? As CVE 3872 is a threat that operates on web technologies, before understanding CVE 3872, it is vital to focus on some of the web technologies that are associated with CVE 3872. Common Gateway Interface A newly developed website providing information must possess a database to inclose information, which is published on the website. In general, many people on the Internet will visit the website and access information, which is extracted from the database. This is where the importance of Common Gateway Interface (CGI) becomes useful. Dave Chaffy defines it as A method of affecting information on a web server in response to a customers request. Typically, a user will fill in a Web-based form and a CGI script (application) will process the results. Active Server Pages (ASP) are an alternative to a CGI script (Chaffey 2006). Moreover, if the users query the database of the website, the CGI script will extend the queries to the database and retrieves results on the website. It has become a standard for synchronizing information servers from external web applications. CGI is eminent in the form of a plain HTML file which his static, while CGI operates in a real time environment to display dynamic contents on a website. An