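B/S (browser/server) information management systems, which are generally better suited to companies with branch offices in many cities across the country, are directly exposed to the Internet and are easy targets for malicious attackers. If the database is MS SQL Server 2000, they are even more likely to suffer SQL injection attacks (other databases have this problem as well). Common client authentication methods are smart IC cards (mostly used in C/S mode) and a password plus a random verification code (mostly used in B/S mode). These reduce the chance of being attacked. To go further and keep people who have nothing to do with the system out of it entirely (including the login page), C/S mode can solve the problem well with a VPN, and B/S mode can do so too. This article discusses using SSL certificates to restrict client logins.
Here are 3 articles published on the security forum ( http://www.securityfocus.com ), at the following addresses: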
Apache 2 with SSL/TLS: Step-by-Step, Part 1
( http://www.securityfocus.com/infocus/1818 )
This article, part one, introduces key aspects of SSL/TLS and then shows how to install and configure Apache 2.0 with support for these protocols.
Apache 2 with SSL/TLS: Step-by-Step, Part 2
( http://www.securityfocus.com/infocus/1820 )
The second part discusses the configuration of mod_ssl, and then addresses issues with web server authentication. The second article also shows how to create web server's SSL certificate.
Apache 2 with SSL/TLS: Step-by-Step, Part 3
( http://www.securityfocus.com/infocus/1823 )
The third and final article in this series discusses client authentication and some typical configuration mistakes made by administrators that may decrease the security level of any SSL communication.
If you need to build a secure Apache (both Apache 1.3.x and Apache 2), see the following addresses:
Securing Apache: Step-by-Step
( http://www.securityfocus.com/infocus/1694 )
Securing Apache 2: Step-by-Step
( http://www.securityfocus.com/infocus/1786 )