Research Article

Vulnerability Assessment of Web Servers using Honey Pots: Perspectives, Ethical Issues, Legal Implications

by  Seema Verma, Tanya Singh
journal cover
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 72 - Issue 22
Published: June 2013
Authors: Seema Verma, Tanya Singh
10.5120/12677-9420
PDF

Seema Verma, Tanya Singh . Vulnerability Assessment of Web Servers using Honey Pots: Perspectives, Ethical Issues, Legal Implications. International Journal of Computer Applications. 72, 22 (June 2013), 45-49. DOI=10.5120/12677-9420

                        @article{ 10.5120/12677-9420,
                        author  = { Seema Verma,Tanya Singh },
                        title   = { Vulnerability Assessment of Web Servers using Honey Pots: Perspectives, Ethical Issues, Legal Implications },
                        journal = { International Journal of Computer Applications },
                        year    = { 2013 },
                        volume  = { 72 },
                        number  = { 22 },
                        pages   = { 45-49 },
                        doi     = { 10.5120/12677-9420 },
                        publisher = { Foundation of Computer Science (FCS), NY, USA }
                        }
                        %0 Journal Article
                        %D 2013
                        %A Seema Verma
                        %A Tanya Singh
                        %T Vulnerability Assessment of Web Servers using Honey Pots: Perspectives, Ethical Issues, Legal Implications%T 
                        %J International Journal of Computer Applications
                        %V 72
                        %N 22
                        %P 45-49
                        %R 10.5120/12677-9420
                        %I Foundation of Computer Science (FCS), NY, USA
Abstract

With the growth of attacks and hacking activities, the organizations are becoming more security conscience. The scope has changed from technical problem to a business problem within an organization. High cost is incurred to implement security policy and procedures and is viewed as an investment. However, in the quest of getting secure, the organizations hastily employ hackers to exploit the vulnerability of their system. This paper is an attempt to identify the ethical problems and legal implications associated with such act and the care to be taken before employing any outsider or insider who can break into the network and find its weaknesses. If these issues are not addressed before the implementation and deployment of the given security policies and procedures, the organizations can land themselves in serious legal actions which they may repent later.

References
  • Susan C. , "Vulnerability Assessment", SANS Institute Reading Room Site, July 6, 2001, Version 1. 2e
  • Verma, S. , Singh, T. 2012. Automated Multilevel Defence Model to Investigate Packets for Web Interface. 9th International Conference on Wireless and Optical Communications Networks
  • Verma, S. , Singh, T. 2011. Multilevel Defence Model to Secure Large organizations using Effective Network Management Strategy and Honey pots. 3rd International conference on future computer and Communications, 231-236
  • Shah S. 2002. Top Ten Web Attacks, Net –Square, Singapore
  • Derek Cheng D. 2004 . Web Server Security Assessment: An Independent Auditor's Perspective. GIAC Practical Repository. SANS Audit.
  • Vachon, R. G. 2008. Accessing the Wan, 190- 298. Pearson Education
  • Cebula, J. J. , Young, L. 2010. A Taxonomy of Operational Cyber Security Risks, Software Engineering Institute, Carnegie Melon
  • Xynos, K. , Sutherland, I. , Read, H. , Everitt, E. , Blyth, A. 2010. Penetration Testing and Vulnerability Assessments: A professional Approach. Ist International Cyber Resilience Conference. Edith Cowan University. Australia
  • Spitzner, L. , Chapter 8. Know Your Enemy. Addison Wesley, 225- 253
  • Gilmore C. , Kormann D. , Rubin A. D. 1999. Secure Remote Access to an Internal Web Server. AT& T Labs IEEE Network: The Magazine of Global Internetworking. NJ,USA. Volume 13 Issue 6, November 1999, 31-37
  • Web Legal Audit, http://www. bizandlegis. com/casestudy/web-legal-audit. html
  • Cyber Forensics in India, March2, 2013, http://cyberforensicsofindia. blogspot. in/2013/03/regulations-and-guidelines-for. html
  • Information Technology Act 2000 http://deity. gov. in/sites/upload_files/dit/files/downloads/itact2000/itbill2000. pdf
  • CERT statistics (Historical), Software Engineering Institute, Carnegie Mellon, http://www. cert. org/stats/
Index Terms
Computer Science
Information Sciences
No index terms available.
Keywords

Log Monitoring Risk Analysis Legal Implications

Powered by PhDFocusTM