Tip

Protect your Web servers

 

Protect your Web servers
David Gabel

HTML is a wonderful language for a number of things. For one thing in particular, it's really great: it's becoming a sort of universal communications language for e-business, which is good, to some extent. And as a result, HTML often passes through firewalls without any checking at the firewall. Once past, it can cause problems. But there is a solution, if you're running Microsoft's Internet Security and Acceleration Server (ISA Server).

Sometimes the HTML can be used as a transport vehicle for hackers, and they can drop nasty little code snippets into your operation that, if not caught, could be a problem for any applications that might want to make use of the info that comes in with an HTLM document or with an XML document.

But ISA offers the capability to do some filtering and stop information that isn't safe from getting to where it can do some harm. You can set up such a filter based on some simple data's presence in the document, and thus stop data that you don't want from coming in.

Microsoft offers a

    Requires Free Membership to View

Word document that explains this technique in great detail, along with sample code. The company doesn't support that code: it's intended as a sample that can spur your own development efforts.


David Gabel is Executive Technology Editor of TechTarget.


This was first published in November 2001

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.