Also enables servers that disclose information to millions of users, allows hackers, crackers,

criminals and other "bad guys" break into the same computer where web servers are running.
Companies, institutions and governments increasingly use the WWW (World Wide Web) to
distribute important information and conduct commerce. Violating web servers can damage
reputations and lose money
While the web is easy to use, the servers are extremely complicated software parts and have
different potential security flaws.
It is much more expensive and time-consuming recovery of a security incident to implement
preventive measures.
PUBLICIDAD: Web servers are the face that organizations have the public and the electronic world.
A successful attack on any of them are public act that can be seen in a few hours by hundreds of
thousands. The ataqes can jump on ideological or financial reasons, or be simple acts of vandalism
wing random.
COMERCIO: Many web servers are related to trade and money. In fact the integrated
cryptographic protocols to netscape browser and other browsers were originally included to allow
users belonging send credit card numbers over the Internet without worrying that were
intercepted. Thus, Web servers have become repositories of sensitive financial information, which
becomes the attractive targets for attacks.
INFORMACION CONFIDENCIAL: For organizations, the web technology has convetido in a way to
distribute inforacin with great simplicity, both internally to its own members, and externally to
partners worldwide. This confidential information is an attractive blacno for your competitors and
enemies
ACCESO A LAS REDES: When used by people both inside and outside the organizations, web
servers effectively serve as a bridge between the organization's internal network and external
networks. Its privileged position as a web server can be used as a basis violated to attack from
there to the computers of an organization.
EXTENSIBILIDAD EN LOS SERVIDORES: By its nature, the servers are designed to be extensible, or
which makes it possible to connect to databases, legacy systems and other programs properly, the
module that appends. If not implemented properly, the modules that are added to a server can
compromise the security of the entire system.
INTERRUMPCION DEL SERVICIO: As the technology of the web is based on the family of TCP / IP
protocols, is subject to service interruptions: already accidentally or intentionally through denial of
service attacks. People who use this technology must be aware of their failures and prepare for
major imterrupciones of sevice



SOPORTE COMPLICADO: Browsers need domestic services, such as DNS (Domain Name Service)
and IP Routing Protocol were (internet protocol). To function well. The robustness and reliability of
such services may be unknown and vulnerable to programming errors, accidents and subversion,
subversion of a lower level of service can also cause problems to browsers


Objetivos
Information Security is the set of procedures, strategies and tools to ensure the integrity,
availability and confidentiality of information of an entity.
INTEGRIDAD: It is necessary to ensure that data is safe from unauthorized changes, loss of
integrity may end in fraud errones step decisions or other attacks. The system contains
information that must be protected from unintended modification, unauthorized or accidental,
such as information systems and financial census or transactions.
DISPONIBILIDAD: This refers to the operational continuity of the entity, the loss of availability may
involve the loss of productivity or credibility of the institution. The system contains information or
provides services that must be available in time to meet requirements or to avoid substantial
losses, as safety critical systems and protection of life.
CONFIDENCIALIDAD: It refers to the protection of data against unauthorized dissemination, loss of
business or credibility. The system contains information that requires protection against
unauthorized disclosure, reporting partial information, proprietary business information.
These aspects also to deal with the risk posed by remote attackers, are also threatened by
extinction risk for natural disasters, disloyal employees, viruses and sabotage, among others.