How To Protect Your Webserver From Getting Hacked? Filed under ( Webserver Security )

It has been a while since I haven't posted on RHA, that's because I was extremely busy with my university stuff and had absolutely no time for blogging, However today I finally managed to get some time for posting on RHA, In my previous article related to webserver security section I told you some ways which hackers can use to compromise your webserver, However in this article I will tell you how to protect your webserver from getting hacked or being compromised.

Well there are variety of methods you can implement to protect your webserver, but  I will not be covering all of those method because it will take alot of time explaining the concepts.

WebApplication Security

Most of the webservers get compromised due to the vulnerability in their webapplication, some of the most common existing webapplication vulnerabilities are SQL Injection, Cross site scripting, Local file inclusion etc, These vulnerabilities usually due to improper or poor coding of web applications.

How do I find if these types of vulnerabilities really exist in my webapplications?

Well unless you are a penetration tester or have proper information related to these types of vulnerabilities, it is really difficult for you to find these types of vulnerabilities, A better option is to use a vulnerability scanner like Nessus or Acunetix.

Read More About finding a vulnerability in your website - How To Find A Vulnerable Website?

SSL(Secure Socket Layer)

SSL is not really necessary until you are running an ecommerce website or a website where you want the communication to be secure, If you are wondering what is SSL(Secure Socket Layer), Kindly read my article on What is SSL(Secure Socket Layer)

Password Cracking Attacks

As I told you in my previous article that some of the popular password cracking methods include:

1. Brute Force Attacks

2. Dictionary Attacks

3. Rainbow Tables

Here is a simple tip on how you can avoid these types of attacks - Keep Strong passwords, Now what do I mean by a strong password, read my post on How to create a strong password

Use Of Firewalls

Firewalls are usually designed from stopping attackers from evading a website, A firewall is basically a gateway used to allow or deny access, but are firewalls enough to protect your webserver?
The answer is "no", The administrator need to open ports like 80, 21, 25 etc to allow the firewall to give the users access to services like website, email, ftp etc, which leaves these services vulnerable to attackers.

What if some one sends a virus attached with an email through a mail server behind a firewall, The firewall will not be able to block these types of attacks, Hopefully I will explain this stuff related to firewall security in my upcoming articles.


Update Your Webserver Regularly

Vulnerabilities are created and pathed every day, so you need to make sure that you update your webserver and install latest patches and fixes.

Intrusion Detection System

An intrusion detection system (IDS) is used to monitor the entire network, it detects intruders; that is, unexpected, unwanted or unauthorized people or programs on network, If you want to know more about Intrusion detection system kindly read the following post, It will give you a better understanding of IDS

• An Overview Of Intrusion Detection System

Certainly these methods aren't enough too for a total security, however I will continue the series of articles related to webserver security, Moreover I have also finished writing my newset book "An Introduction To Keyloggers, RATS And Malware" which I will be releasing very soon and the best part is that it will be free for all.

What methods do you use to secure your webserver?

Types Of Server Sides Risks? Filed under ( Webserver Security )

People require high security for internet. Most of people find it convenient to manage their bank accounts and business with the help of the internet. In such situation, the web security becomes the most important field in the network security. The interactive forms are written in HTML. Users type the information and send the request to the server to store the information by the user. 

The request launches a script on the server that processes the data supplied by the user but the result may be much unexpected which raises the need for server side security. URL Manipulation, unexpected user input, cross site scripting, buffer overflows and heap overruns are all famous known server side risks. All of these risks will be explained in this article. 

1. Conventional security

Conventionally, a firewall is placed between the web server and the internet so all the HTTP traffic reaching the web server will be secured. The firewall will allow only that traffic to the web server which fulfills all the requirements of the firewall. In this way, the web server can be saved from attacks to a great extent. 

2. URL Manipulation

In URL manipulation, some parameters of URL are changed to get different results. The user id present in the URL can be manipulated to get the access of the account of any other user. If * is placed at the place of user id, one can get the list of all the members listed in the data base. Input of any user can be accessed and manipulated present on the page which is the great threat to security and privacy. If there’s a site about Medifast and Nutrisystem coupons containing personal details of different users, then you can manipulate the URL to access personal details of other users.

3.  Unexpected User Input

When the server gets the unexpected user input, crashing of the server is the best reaction. Otherwise it will provide the control of the server to the attacker. The attacker may then use the server for whatever he wants to do. He can corrupt your database, download complete database and delete your database. If you don’t have a backup, what are you going to do?

4. Cross site scripting

In cross site scripting, attackers place malicious script on the trusted host’s end. The user may download that malicious script from the trusted host without realizing that this code is dangerous for the security. Sometimes, the server displays error page but due to malicious code, it may appear as a normal login page to the user. The user will enter the required information which can be misused as it will be sent to the attacker.

5. Buffer Overflow

The attackers may launch the attacks which results in access violation, instability and code injection. It may destruct the data stored in the database, causes the malfunctioning of software and many other destructive actions could be performed.

But what’s the solution then? You need to consider a few points to overcome the server side risks. Cryptography should be used to send the whole data in the query string. On the server side, the user input should be filtered and all the characters which are used in the scripting language should be removed.

About The Author

This article is written by Saksham, he loves loves to write on health and related topics. He writes a blog on diet and weight loss program sites that offer coupon code for Medfast and coupons for Nutrisystem meals.

Web Server Hacking Techniques Filed under ( Webserver Security )

Lots of people know use, configure and manage their webservers but only few of them really know how to protect their web server from getting hacked i.e making it hack proof. Today lots of websites are hosted on a dedicated web servers so it's extremely important to make your web server hack proof in order to prevent any theft and data loss, Before I mention techniques used by hackers to compromise a web server and how you can protect your web server you should know what a web server is and how it works.
What is a webserver?

Basically a webserver is a single computer or more used to host websites, For a website to be available to every one (connected to internet) 24/7 it needs to be hosted on a webserver

How webservers work?

Webservers work in a simple manner, When ever you are using browser to surf any page your browser will request that particular page from the webserver and the server sends back the requested page.

 

The above picture illustrates how a webserver works.

How Are Webservers Compromised Or hacked?

There are multiple reasons why a webserver gets compromised or hacked, one of the major reason is installing the webserver with default and lack of updates and weak passwords. Once the server is compromised the hacker can use it to do malicious things online. For Example Hacked webservers can be used to as zombies to for performing a more powerful DDOS attack

Webserver Hacking Techniques

Below mentioned are some of the techniques which can be used by malicious hackers to compromise a webserver.

Orthodox Password Cracking Techniques

1. A hacker can use variety of password Cracking Techniques such as Brute force, Dictionary attacks and rainbow tables to crack weak administrator account passwords, However these attacks create huge logs of presence, so therefore smarter hackers either use a proxy or any other iP hiding method or they use already compromised systems to perform the attack.

2. Man In The Middle Attack

A hacker can also perform a man in the middle attack also known as ARP poisoning to steal credentials of administrator account.

3.  Keyloggers And Trojans

If A hacker can manage to install a trojan or a keylogger on administrator's computer then, the malicious hacker can easily capture the credentials

4. DNS Cache Poisoning Attack

If a hacker can manage to insert fake address records for a domain name into DNS server and can make the webserver accept the fake address record then the hacker or intruder can easily control your browser, This attack is extremely dangerous as it happens without the users knowledge, The topic is quite big and is not possible to explain it here, depending upon readers response I might make a seprate tutorial on this attack

There are many other techniques used by hackers such as Ftp server intrusion, social engineering, exploiting web application bugs which are probably to be explained in the upcoming posts at rha.

Hope you have enjoyed reading the post and have probably got some idea how hackers can attack your web server, In the next post I will continue the series and will introduce some methods you can use to protect your webserver from getting compromised.