Web Server Vulnerabilities And Security Measures: Members: Vũ Hoàng Đinh Hoàng Phi Instructor: Msc Nguyễn Duy
Agenda
1. Abstract
2. Current Network Overview
3. Security Exposure
4. Cross Site Scripting
5. SQL Injection
6. Session Hijacking
7. Denial Of Service
8. Security Measures
9. Conclusion
Analysis (Current Network Overview)
- No mechanism for web load balancing (LB) or high availability (HA)
- No anti-virus software
- The web server and the database server run on the same physical server
Security Exposure
Web Server Vulnerabilities
- Default configuration: running the server with its default configuration makes the system and the server a target for exploitation.
- Web application: an unprotected web application can lead to unmanageable, unusable services.
- Malicious code: malicious and unwanted code makes the system vulnerable to attack.
SQL INJECTION
SQL injection is an attack in which the attacker takes advantage of weaknesses in the way the application builds its database queries: user input is placed directly into the SQL text, so crafted input changes the query the database runs. The attacker's purposes include inserting data, dropping tables, and executing statements that reveal the structure and contents of tables.
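The following is an added example, not code from the original slides. It shows the two query styles side by side using Python's sqlite3 module and a constructed users table: the vulnerable version concatenates the username into the SQL string, so a crafted username bypasses the password check or reads the table definitions out of sqlite_master; the safe version passes the same input as bound parameters. The table, user names, and payload strings are all constructed for the demo.

```python
import sqlite3

# Constructed sample data for the demo; not from the original slides.
USERS = [("alice", "s3cret"), ("bob", "hunter2"), ("carol", "letmein")]


def make_db():
    """In-memory database with a minimal users table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", USERS)
    conn.commit()
    return conn


def login_vulnerable(conn, username, password):
    """Builds the statement by string concatenation: whatever the client
    sends becomes part of the SQL text, quotes and all."""
    query = ("SELECT username FROM users WHERE username = '" + username
             + "' AND password = '" + password + "'")
    return [row[0] for row in conn.execute(query)]


def login_safe(conn, username, password):
    """Same query with bound parameters: the driver sends the values
    separately from the statement, so a quote in the input is just data."""
    query = "SELECT username FROM users WHERE username = ? AND password = ?"
    return [row[0] for row in conn.execute(query, (username, password))]


# Two payloads of the kind the slide describes. The first turns the WHERE
# clause into a tautology and comments out the password check; the second
# uses UNION to read table definitions out of sqlite_master.
BYPASS_USER = "admin' OR '1'='1' --"
SCHEMA_USER = "x' UNION SELECT sql FROM sqlite_master --"


if __name__ == "__main__":
    conn = make_db()
    print("normal login      :", login_safe(conn, "alice", "s3cret"))
    print("bypass, vulnerable:", login_vulnerable(conn, BYPASS_USER, "anything"))
    print("bypass, safe      :", login_safe(conn, BYPASS_USER, "anything"))
    print("schema, vulnerable:", login_vulnerable(conn, SCHEMA_USER, "anything"))
    print("schema, safe      :", login_safe(conn, SCHEMA_USER, "anything"))
```

With the bypass payload the vulnerable function returns every user, and with the UNION payload it returns the CREATE TABLE statement; the parameterised function returns an empty list for both, because the quote and the comment marker are matched literally against the username column.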
SESSION HIJACKING
Session hijacking is the theft of the session identifier of an active session in order to bypass authentication and gain illegal access to the information or services of a computer system. A user connects to the server and authenticates by providing a user ID and password. After authentication the user works with the server normally and does not need to re-authenticate for each request; the session identifier stands in for the credentials. Attackers take advantage of this: they steal the identifier of the user's active session, possibly while the user is no longer connected, and then impersonate the user with the stolen identifier alone, reaching the server without ever logging in.
DENIAL OF SERVICE
Denial of Service (DoS) is an attack technique whose intent is to prevent a web site from serving normal user activity. DoS attacks are normally aimed at the network layer, but they are also possible at the application layer. Such attacks succeed by starving a system of critical resources, by exploiting a vulnerability, or by abusing legitimate functionality.
Security Measures
WEB SERVER
- Define appropriate policies for your own needs.
- Update the server periodically so that the system has the full and final set of fixes.
WEB APPLICATION
- Use ModSecurity.
- Check the logs frequently and apply the rules that the log evidence calls for.
SOURCE CODE
- Modify the source code as required to prevent the attacks identified.
- Apply the latest patches to fix known vulnerabilities.
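As an added example (not from the original slides) of checking the logs for the application-layer flooding described under Denial of Service and turning what is found into a rule, the script below parses web-server access log lines in the combined format, keeps a sliding window of request times per client IP, and reports the first moment a client exceeds a request limit. The log lines, IP addresses, thresholds, and the `deny_rule` helper are constructed for the demo; the suggested iptables command is printed, not executed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Apache/nginx combined log format: client IP, identity, user, [timestamp],
# "request line", status, response size (the rest of the line is ignored).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" (?P<status>\d{3}) \S+'
)

# Constructed sample log: one client issuing seven requests within four
# seconds, another browsing at a normal rate. Not taken from any real server.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Oct/2023:13:55:36 +0000] "GET /index.php HTTP/1.1" 200 2326
198.51.100.2 - - [10/Oct/2023:13:55:36 +0000] "GET /index.php HTTP/1.1" 200 2326
203.0.113.7 - - [10/Oct/2023:13:55:36 +0000] "GET /search.php?q=a HTTP/1.1" 200 5120
203.0.113.7 - - [10/Oct/2023:13:55:37 +0000] "GET /search.php?q=a HTTP/1.1" 200 5120
203.0.113.7 - - [10/Oct/2023:13:55:37 +0000] "GET /search.php?q=a HTTP/1.1" 200 5120
198.51.100.2 - - [10/Oct/2023:13:55:38 +0000] "GET /about.html HTTP/1.1" 200 1024
203.0.113.7 - - [10/Oct/2023:13:55:38 +0000] "GET /search.php?q=a HTTP/1.1" 200 5120
203.0.113.7 - - [10/Oct/2023:13:55:38 +0000] "GET /search.php?q=a HTTP/1.1" 200 5120
203.0.113.7 - - [10/Oct/2023:13:55:39 +0000] "GET /search.php?q=a HTTP/1.1" 200 5120
198.51.100.2 - - [10/Oct/2023:13:56:30 +0000] "GET /contact.html HTTP/1.1" 200 900
"""


def parse_line(line):
    """Return (ip, timestamp, request_line, status), or None for a line
    that does not match the format."""
    m = LOG_RE.match(line)
    if m is None:
        return None
    ts = datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z")
    return m.group("ip"), ts, m.group("req"), int(m.group("status"))


def find_flooders(lines, max_requests=5, window_seconds=10):
    """Sliding-window rate check per client IP.

    For each IP, keep the timestamps of its requests within the last
    window_seconds. The first time an IP has more than max_requests
    timestamps in its window, record the time it crossed the threshold.
    Lines are expected in chronological order, as in a log file.
    """
    recent = defaultdict(deque)
    flagged = {}
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue  # malformed line: skip it rather than stop the check
        ip, ts, _, _ = parsed
        window = recent[ip]
        window.append(ts)
        while (ts - window[0]).total_seconds() > window_seconds:
            window.popleft()
        if len(window) > max_requests and ip not in flagged:
            flagged[ip] = ts
    return flagged


def deny_rule(ip):
    """iptables rule that would drop further traffic from a flagged client.
    Returned as a string; applying it is an operator decision."""
    return f"iptables -I INPUT -s {ip} -j DROP"


if __name__ == "__main__":
    for ip, when in find_flooders(SAMPLE_LOG.splitlines()).items():
        print(f"{ip} exceeded the limit at {when:%H:%M:%S}; suggested: {deny_rule(ip)}")
```

The thresholds are deliberately low so the constructed log triggers them; on a real server they must be tuned to the site's normal traffic, and a shared address (corporate proxy, NAT) behind which many users sit will look like a single busy client, so a block rule should be time-limited rather than permanent.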
Web Server
User and Password Policy
Web Server
System Patches
# yum list installed        (list every installed package and its version)
# yum list packageName      (show the installed and available versions of one package)
# yum remove packageName    (remove a package that is not needed, reducing the attack surface)
Web Server
Change Default Port
Web Application
Mod_Security Overview
ModSecurity is an open source web application firewall developed by Ivan Ristić, originally as a module for the Apache web server.
Web Application
Prevent Session Hijacking
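The slide content for preventing session hijacking did not survive extraction, so the following is an added example, not the authors' code, of the server-side defences that address the attack described under Session Hijacking: an unguessable identifier issued fresh after login (so a pre-planted identifier is discarded), cookie attributes that keep the identifier off plaintext HTTP and away from script, an idle timeout, and a keyed fingerprint of the client so that an identifier presented from a different client is rejected and the session destroyed. The `SessionStore` class, the `FINGERPRINT_KEY` constant, and the client addresses and times are all assumptions made for the demo.

```python
import hashlib
import hmac
import secrets
import time

# Assumed server-side key used to fingerprint clients. In a deployment it
# would come from configuration, not be hard-coded. Constructed for the demo.
FINGERPRINT_KEY = b"demo-only-fingerprint-key"


def client_fingerprint(client_ip, user_agent):
    """Keyed hash of the client's address and User-Agent. Stored with the
    session so a stolen identifier presented from elsewhere is noticed."""
    data = f"{client_ip}|{user_agent}".encode()
    return hmac.new(FINGERPRINT_KEY, data, hashlib.sha256).hexdigest()


class SessionStore:
    """Server-side session table keyed by an unguessable identifier."""

    def __init__(self, idle_timeout=900):
        self.idle_timeout = idle_timeout
        self._sessions = {}  # session id -> {"user", "fingerprint", "expires"}

    def login(self, user, client_ip, user_agent, old_sid=None, now=None):
        """Issue a fresh identifier after authentication. Any identifier the
        browser held before login is discarded (session fixation defence), so
        an attacker cannot plant an id and wait for the victim to log in."""
        now = time.time() if now is None else now
        if old_sid is not None:
            self._sessions.pop(old_sid, None)
        sid = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        self._sessions[sid] = {
            "user": user,
            "fingerprint": client_fingerprint(client_ip, user_agent),
            "expires": now + self.idle_timeout,
        }
        return sid

    def cookie_header(self, sid):
        """Set-Cookie value: Secure keeps the id off plaintext HTTP, HttpOnly
        keeps it away from script (XSS), SameSite limits cross-site sending."""
        return f"SESSIONID={sid}; Path=/; Secure; HttpOnly; SameSite=Strict"

    def resolve(self, sid, client_ip, user_agent, now=None):
        """Map a presented identifier to a user, or None. A mismatching
        fingerprint is treated as a hijack attempt: the session is destroyed
        so neither the attacker nor the original holder can keep using it."""
        now = time.time() if now is None else now
        entry = self._sessions.get(sid)
        if entry is None:
            return None
        if now > entry["expires"]:
            del self._sessions[sid]
            return None
        presented = client_fingerprint(client_ip, user_agent)
        if not hmac.compare_digest(presented, entry["fingerprint"]):
            del self._sessions[sid]
            return None
        entry["expires"] = now + self.idle_timeout  # sliding idle timeout
        return entry["user"]

    def logout(self, sid):
        """Server-side invalidation; clearing the cookie alone is not enough."""
        self._sessions.pop(sid, None)


if __name__ == "__main__":
    store = SessionStore(idle_timeout=60)
    sid = store.login("alice", "10.0.0.5", "Mozilla/5.0", now=1000)
    print(store.cookie_header(sid))
    print("same client   :", store.resolve(sid, "10.0.0.5", "Mozilla/5.0", now=1010))
    print("stolen id used:", store.resolve(sid, "203.0.113.9", "curl/8.0", now=1020))
    print("owner after   :", store.resolve(sid, "10.0.0.5", "Mozilla/5.0", now=1030))
```

Binding a session to the client IP is the strictest of these checks and has a cost: users whose address changes mid-session (mobile networks, some proxies) are logged out. Many deployments therefore bind only to the User-Agent and rely on short timeouts plus re-authentication before sensitive actions; the Secure and HttpOnly attributes and the fresh identifier at login carry no such trade-off and should always be present.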
Conclusion
1. Web Server
2. Web Application
3. Source Code
Administrators must always keep their eyes open for the updates, fixes, and patches that become available.
There is no unbreakable website; there are only websites that are updated quickly and on time, and administrators who are active and engaged.
THANK YOU!