Glosario KW | KW Glossary
Especial | A | B | C | D | E | F | G | H | I | J | K | L | M | N | Ñ | O | P | Q | R | S | T | U | V | W | X | Y | Z | TODAS
W (DATA CENTER)
W (OPEN SOURCE)
Web Server Security
Web Server Security
Posted by Margaret Rouse
Web server security is the protection of information assets that can be accessed from a Web server.
Web server security is important for any organization that has a physical or virtual Web server connected to the Internet. It requires a layered defense and is especially important for organizations with customer-facing websites.
Separate servers should be used for internal and external-facing applications and servers for external-facing applications should be hosted on a DMZ or containerized service network to prevent an attacker from exploiting a vulnerability to gain access to sensitive internal information.
Penetration tests should be run on a regular basis to identify potential attack vectors, which are often caused by out-of-date server modules, configuration or coding errors and poor patch management. Web site security logs should be audited on a continuous basis and stored in a secure location. Other best practices include using a separate development server for testing and debugging, limiting the number of superuser and administrator accounts and deploying an intrusion detection system (IDS) that includes monitoring and analysis of user and system activities, the recognition of patterns typical of attacks, and the analysis of abnormal activity patterns.
Continue Reading About web server security
Also see Webification.
1) To Webify is to convert some information content from its original format into a format capable of being displayed on the World Wide Web. Some conversion examples are:
Using the File Transfer Protocol (FTP) from the Web browser, text pages (with files in theASCII TXT format) can also be "Webified" for display by Web users. Many Internet Request for Comment (Request for Comments) documents are available on the Web in the text format. The only Webification these files need is to simply make them available in a directory accessible to the FTP server.
2) Webify is the name of a program that makes a structured tree of HTML files and JPEG or GIF images from Postscript files.
Posted by Margaret Rouse
As with any phishing endeavor, the goal of whaling is to trick someone into disclosing personal or corporate information through social engineering, email spoofing and content spoofing efforts. The attacker may send his target an email that appears as if it's from a trusted source or lure the target to a website that has been created especially for the attack. Whaling emails and websites are highly customized and personalized, often incorporating the target's name, job title or other relevant information gleaned from a variety of sources.
The term whaling is a play-on-words because an important person may also be referred to as a "big fish." In gambling, for examples, whales describe high-stakes rollers who are given special VIP treatment.
Due to their focused nature, whaling attacks are often harder to detect than standard phishing attacks. In the enterprise, security administrators can help prevent success whaling expeditions by encouraging corporate management staff to undergo information security awareness training.
See also: spear phishing
Continue Reading About whaling
Dig Deeper on Email and Messaging Threats (spam, phishing, instant messaging)
Everything you need to know about Windows 10
Here's everything we know about Windows 10: What's new, how it relates to the enterprise, when it's arriving, and how to get hold of it today.
Windows Nano Server
Is Windows Nano Server a data center game-changer?
Windows 10 might be getting all the attention, but Microsoft’s new Nano Server could start a quiet revolution in server rooms across the globe.
Back in April, Microsoft somewhat quietly previewed what its Windows Server engineering teams had been working on for quite some time. While it would be easy to write it off as just another iteration in a long line of never-ending releases, Windows Nano Server has the potential to reinvent your data center.
What is Windows Nano Server?
Windows Nano Server is a project that was previously codenamed Tuva (although kudos to Microsoft for breaking the trend of having very cool codenames that turn into incredibly drab actual released product names) and is designed to be Windows without the GUI or legacy baggage. It’s different than Server Core, the GUI-less installation option introduced in Windows Server 2008, because Windows Nano Server strips out basically every part of Windows that is designed to ever service the GUI or a GUI oriented application.
Server Core merely takes off the GUI but leaves a lot of the underlying Win32 API surface area and structure so that when you put the GUI back on via a checkbox – at least in Windows Server 2012 and later – you don’t have to reinstall all of the plumbing that goes along with it. Windows Nano Server rids itself of all 32-bit application support, support for Microsoft Installer (MSI) applications and a lot more historical baggage that causes a lot more problems than it solves for machines running in the cloud.
Windows Nano Server is headless and sessionless. As mentioned, there is no GUI. But there’s also no local login, so there’s no point in attaching a keyboard or mouse or running this in any kind of Remote Desktop-oriented session. Consider it like a Linux box in the cloud that you don’t have SSH access to – you use it remotely, you manage it remotely, and all it does is run services and applications like an appliance would. It’s incredibly compact and has a very small surface area – just as much as is needed to fulfill its role as a specialty purpose server operating system.
The entire point of Windows Nano Server is that it should run applications designed for it – headless applications that provide their management tools for remote use, and that service end user requests over the wire without the need to populate a lot of user session interaction. These applications – which can be built for Nano Server and run inside containers – can be run via a variety of supported runtimes, including C#, Java, Node.js and Python for responsive, high quality Web applications.
Windows Nano Server can also be used to run infrastructure services like a scale-out file server, DNS, DHCP, Hyper-V within a limited deployment scenario, Hyper-V failover clusters and others. There will be limited support for standard Windows APIs; basically the APIs that will work are the ones that don’t require user interaction or involve GUIs or 32-bit application support.
How much of an impact does stripping out all of that GUI application support framework make? A lot. There is a lot of cruft in the general purpose Windows Server release – even though in general the Server releases are very high quality – that simply does not exist within the Windows Nano Server environment. Here are some statistics to really drive this point home:
Why is Windows Nano Server important?
For now, Windows Nano Server is designed to work in the cloud. But it’s to envision a deployment of a variety of Nano Server virtual machines running custom applications within containers like Docker that just get moved over the wire nearly instantaneously between Azure regions and your corporate datacenter. Especially since the footprint of these virtual machines from a storage perspective is almost a tenth of what it’s in big Windows Server images today.
Your developers and operations team can work even more closely together and use container technology to package applications and well configured versions of Nano Server together so that your applications just work, i.e., the whole platform works as one. For web applications and hardened infrastructure roles that could be served with the likes of an appliance, Windows Nano Server could be an intriguing choice come next year when it’s expected to be released alongside Windows Server 2016.
But perhaps more interestingly, and certainly from a longer-term perspective, Windows Nano Server represents the future of Windows: a future where there is clean break from the necessities to support past applications and legacy code, a future where Windows can work remotely in a very lightweight, scalable, supportable way.
While Windows Nano Server is not intended to replace Windows Server 2012 R2 or Windows Server 2016 in any way, it’s easy to see how there would be much less of a need for a general purpose server release in the near future, especially as legacy code gets aged out of production and use cycles and more and more workloads move to the cloud. We could see a completely different world where Windows Server gets more like Windows 10: No major revisions or major n+1 style versions, but just solid updates coming fairly regularly out of Redmond that add functionality or remove old features that have been deprecated and replaced.
While Windows Nano Server is definitely a specialty move for now, it’s not hard to see how it will become the preferred operating system as time marches on, with the whole Windows Server operating system becoming an “if you must” type of option.
Windows' adaptive shell
Microsoft's new adaptive shell will help Windows 10 scale across PC, Mobile, and Xbox
Microsoft is about to take the next step with its "One Windows" vision by introducing an improved, adaptable Windows Shell that'll work across PC, Mobile and Xbox.
The Windows Shell is essentially the Windows environment we all know and love. In layman's terms, it gives us access to system elements and objects necessary for running applications, and houses features such as the Taskbar, Start Menu, Desktop and more. Currently, the Windows Shell is different depending on the version of Windows 10 you're using. For example, Mobile is using a different Windows Shell than desktop; but Microsoft is working to change and streamline that.
According to my sources, Microsoft is building an "adaptive shell" into Windows 10 that'll work across PCs and tablets, phones, HoloLens, and even Xbox. As it currently stands, the Windows Shell isn't a true universal element of Windows, unlike the OneCore subsystem and Universal Windows Apps. PCs and tablets share the same shell thanks to Continuum, but Mobile, HoloLens and Xbox have their own individual shells that are updated and maintained separately.
Over the next few Windows 10 releases however, Microsoft will be bringing each of these device categories under one Windows Shell, making for a true universal Windows 10 experience no matter what device you're using. Internally referred to as "Composable Shell" or "CSHELL", this new Windows Shell will be able to scale in real-time between all types of devices, similarly to how Continuum currently works between desktop mode and tablet mode, only this time it'll scale across Xbox and Mobile as well.
For our more techy readers, the Composable Shell is essentially a shell modularized into sub-components. The system can transition between each component if it is required, making for a much more flexible experience on devices like 2-in-1's or something that has multiple form-factors.
We're told that the Composable Shell will begin showing up over the next few major Windows 10 updates, for Mobile, then Desktop, and eventually Xbox too. In fact, Microsoft has already given us a glimpse of this Composable Shell in a demo a few months back detailing improvements upcoming to Continuum on Windows 10 Mobile. In the demo, Microsoft showed off a Continuum environment on phone that was extremely similar to the environment we know and love on actual Windows 10 PCs today. This is essentially the Composable Shell in its infancy.
That demo showed us that Microsoft is enhancing Continuum to go both ways. Windows 10 Mobile can expand into a full desktop environment, and eventually, Windows 10 desktop will be able to do the opposite or scale further for devices like HoloLens and Xbox.
A perfect example of this Composable Shell is with the rumored Surface phone and Windows 10 on ARM. We all want Microsoft to release a phone running full Windows 10 on ARM, but as it currently stands that would be impossible — full Windows 10 doesn't have a UI that adapts well to screen sizes of less than 6 inches. With this Composable Shell, that wouldn't be an issue because full Windows 10 would be able to switch into "phone-mode", providing an experience one would expect on a Windows 10 Mobile device, except powered by full Windows 10.
In addition, with the Surface phone also rumored to have a foldable screen, the Composable Shell would simply be able to adapt itself accordingly when folded out. When folded like a phone, Windows 10 will be in phone mode, but when folded out, it'll automatically switch into tablet/desktop mode. A full Windows 10 machine in your pocket, with a full Windows desktop environment and phone environment whenever needed; these are the kind of experiences this Composable Shell can enable.
Even if the fabled Surface phone ends up running Windows 10 Mobile rather than full Windows 10 on ARM, this Composable Shell will still be beneficial for future devices (like the rumored folding screens), as Microsoft is already working on the full desktop environment in Windows 10 Mobile Continuum anyway.
The other benefit of an adaptable shell is that Microsoft will no longer have to maintain and update each individual shell separately. The Composable Shell, being scalable across all kinds of Windows 10 devices, will be the same shell everywhere, meaning Microsoft won't need to worry about updating individual shell environments. Update once, deploy everywhere.
Now although this new shell is universal, that doesn't mean certain devices will be encumbered with features and behaviors they don't need or play well with. Xbox will still be primarily Xbox orientated, Mobile will be primarily Mobile orientated, and Desktop will be primarily Desktop orientated. That's the magic of Continuum and the Composable Shell. It adapts.
And in regards to the name "Composable Shell", why call it composable? Well, I think the definition of composability explains it perfectly. "A highly composable system provides recombinant components that can be selected and assembled in various combinations to satisfy specific user requirements." It's basically a fancy way of saying Continuum, if you think about it hard enough.
Of course, we're still a few major Windows 10 releases away before this new shell begins showing up across all versions of Windows 10, but assuming these plans don't get canceled, this is a very exciting concept for Windows 10 and one that will enable a whole new market of devices.
Best apps for Windows 10 PC: http://www.windowscentral.com