Michelle J. Gosselin, Jennifer Schommer Guanzhong Wang.


Linux is mainly used for setting up network servers. Reports of servers and websites being hacked appear almost every day, and as network applications diversify, the forms and methods of attack keep changing. How to enhance the security of a Linux server has become one of the most important issues for Linux system administrators.

Linux is open source software. Because of technical features such as high stability and security, strong network load capacity and low hardware requirements, it has been quickly promoted and adopted since its birth, and has developed into one of today's mainstream server operating systems.

Linux services include DNS, DFS, Samba, Sendmail, Postfix, Apache, ...

APACHE

(1) The client (browser) and the Web server establish a TCP connection. The client then sends an access request (such as "GET") to the Web server. According to the HTTP protocol, the request includes information such as the IP address, browser type and URL of the client.
(2) After the Web server receives the request, it returns the requested pages to the client. If an error occurs, it returns an error code.
(3) The client disconnects from the remote Web server.

Install patches regularly. The latest change log entries are marked: bug fix, security bug fix.
Hide and mask the Apache version. The Apache version number is removed by changing the configuration file /etc/httpd.conf.

The Apache server has four main directories:
ServerRoot: stores the configuration file, binary files and other server configuration files.
DocumentRoot: stores the content of Web sites, including HTML files and pictures.
ScriptAlias: stores CGI scripts.
CustomLog and ErrorLog: store access logs and error logs.

The principle of least privilege is one of the most basic principles in system security. It limits users to the least privilege they require when accessing the system and data, so that users can still complete their tasks while the loss caused by illegal users or abnormal operation is kept to a minimum.

groupadd webteam
usermod -G webteam GW
chown -R httpd:webteam /www/htdocs
chmod -R 2570 /www/htdocs

-G modifies the supplementary groups the user belongs to. -R applies the same change to all files in the current directory and its subdirectories, working through them one by one recursively. SUID means that if a user sets this permission on his own shell script, other users running the script will have the same permissions as the owner. SGID means that users who run the script will have the same permissions as the user's group.
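The 2570 mode above, as an added example that is not part of the original slides: `chmod -R` gives every regular file the same setgid and execute bits as the directories, so this script sets directories and files separately and prints both results. The helper names, the sample tree and the 0460 file mode are assumptions of this example; `stat -c` is the GNU coreutils form.

```shell
#!/bin/sh
# Added example with constructed paths; stat -c requires GNU coreutils.

mode_of() { stat -c '%a' "$1"; }   # octal mode of a path, e.g. 2570

# make_sample_tree DIR: build a small constructed document tree.
make_sample_tree() {
    mkdir -p "$1/img"
    echo '<html></html>' > "$1/index.html"
    echo 'png' > "$1/img/logo.png"
}

# apply_web_perms ROOT [OWNER:GROUP]
apply_web_perms() {
    # Changing ownership needs root, so it is optional here.
    if [ -n "${2:-}" ]; then chown -R "$2" "$1"; fi
    # Directories: setgid, owner r-x, group rwx, others nothing.
    find "$1" -type d -exec chmod 2570 {} +
    # Regular files: owner read, group read/write, no execute or setgid.
    # 0460 is this example's choice; the slides only give 2570.
    find "$1" -type f -exec chmod 0460 {} +
}

demo=$(mktemp -d)
make_sample_tree "$demo/recursive"
make_sample_tree "$demo/split"
chmod -R 2570 "$demo/recursive"     # the command as given on the slide
apply_web_perms "$demo/split"       # directories and files handled separately
echo "chmod -R 2570: dir=$(mode_of "$demo/recursive") file=$(mode_of "$demo/recursive/index.html")"
echo "split modes:   dir=$(mode_of "$demo/split") file=$(mode_of "$demo/split/index.html")"
# Restore owner write access before cleanup (2570 leaves the owner read-only).
chmod -R u+rwx "$demo" && rm -rf "$demo"
```

On a real server the second argument would be the owner and group from the slide, for example `apply_web_perms /www/htdocs httpd:webteam`, run as root.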

1. Forbid directory indexes.
2. Forbid default access. To allow access to the /var/www/html directory, use the following settings:
Order deny,allow
Allow from all
3. Forbid user overrides. To prevent users from overriding this directory's configuration, set:
AllowOverride None
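A check for the version-hiding and directory settings above, as an added example that is not part of the original slides: a shell function that audits an httpd.conf and reports what is missing. ServerTokens Prod, ServerSignature Off and Options -Indexes are assumed here as the concrete directives, since the slides do not name them; the function names and both sample configs are constructed.

```shell
#!/bin/sh
# Added example: coarse, whole-file audit of an Apache 2.2-style config.
# It does not track which <Directory> block a directive sits in.
# ServerTokens, ServerSignature and Options are this example's assumptions;
# the slides name only Order, Allow and AllowOverride.

# audit_httpd_conf FILE: print one finding per line (no output = no findings).
audit_httpd_conf() {
    # Drop comments and indentation so commented-out directives do not count.
    clean=$(sed -e 's/#.*//' -e 's/^[[:space:]]*//' "$1")
    require() {  # require REGEX LABEL: report LABEL when no directive matches
        printf '%s\n' "$clean" | grep -Eiq "$1" || echo "MISSING: $2"
    }
    require '^ServerTokens[[:space:]]+Prod'        'ServerTokens Prod'
    require '^ServerSignature[[:space:]]+Off'      'ServerSignature Off'
    require '^AllowOverride[[:space:]]+None'       'AllowOverride None'
    require '^Deny[[:space:]]+from[[:space:]]+all' 'Deny from all'
    # An Options line that turns Indexes on enables directory listings.
    if printf '%s\n' "$clean" | grep -Ei '^Options' |
        grep -Eiq '([[:space:]]|\+)Indexes'; then
        echo "WEAK: Options enables Indexes"
    fi
}

# Constructed sample configs, written to the path given as $1.
write_weak_conf() {
    printf '%s\n' '# ServerTokens Prod' 'ServerTokens Full' 'ServerSignature On' \
        '<Directory /var/www/html>' '    Options Indexes FollowSymLinks' \
        '    AllowOverride All' '    Order allow,deny' '    Allow from all' \
        '</Directory>' > "$1"
}
write_hardened_conf() {
    printf '%s\n' 'ServerTokens Prod' 'ServerSignature Off' \
        '<Directory />' '    Order deny,allow' '    Deny from all' \
        '    AllowOverride None' '</Directory>' \
        '<Directory /var/www/html>' '    Options -Indexes' \
        '    Order deny,allow' '    Allow from all' '    AllowOverride None' \
        '</Directory>' > "$1"
}

tmp=$(mktemp -d)
write_weak_conf "$tmp/weak.conf"; write_hardened_conf "$tmp/hardened.conf"
echo "weak.conf:";     audit_httpd_conf "$tmp/weak.conf"
echo "hardened.conf:"; audit_httpd_conf "$tmp/hardened.conf"
rm -rf "$tmp"
```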

Apache servers are under the threat of DoS attacks all the time. The main forms are:
1. Packet flood attacks
2. Disk attacks
3. Making the router inaccessible
4. Distributed denial-of-service attacks

Apache defends against denial-of-service attacks mainly through the Apache DoS Evasive Maneuvers Module. It is an alternative to mod_access for countering DoS attacks, and it can quickly deny repeated requests from the same address for the same URL.

Using a Web server with SSL can improve the security of a website. The SSL protocol works between the Linux TCP/IP protocol and the HTTP protocol, and uses encryption to protect the flow of information between Web servers and browsers. SSL is used not only to encrypt the data transmitted over the Internet but can also provide authentication.

1. The client's connection request includes its list of algorithms and other supported information.
2. When the server responds, it confirms the algorithm to be used for this communication and sends its own certificate, which contains its identity and public key.
3. After receiving this message, the client generates a secret key, encrypts it with the Web server's public key and sends it.
4. The server then uses its private key to decrypt and process it to generate an encryption key; the session key has now been negotiated successfully.
5. The client and the server both hold the session key and use it to encrypt the data.

END