StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Web Server Hacking - Essay Example

Cite this document
Summary
The paper "Web Server Hacking" highlights that the computer system is exposed to very many potential intruders. The intruders may attack the target system through a number of attacks including black hat attacks, DoS attacks, port scan attack, SYN Flooding attack and buffer flow attacks…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER92.5% of users find it useful

Extract of sample "Web Server Hacking"

Web Server Hacking Introduction In daily activities of people, the internet has grown into an integral element that does not only work as an entertainment platform, but communication, data collection, selling products, research and other business processes are some of the applications of the internet at the workplace. Potential employees benefit from online application of jobs and recruitment. Customer support services are more efficient when performed electronically as more customers get to access the services at the same time. As a result of the transmission of sensitive financial and confidential information, cyber criminals have chosen to engage in illegal activities over the internet. To add to the attraction and profitability of these hacking attacks is the proliferation of insecure web applications (Zachary, 2006). These attacks on computer systems with negative intent are not new. They go as far back as the eighties when hackers used their skills to break into computer systems and perform their illegal activities. The advent of web based applications, though, has led to the increase of sophistication in hacking attacks. The skill required to perform these attacks, on the other hand has lessened proportionately. In order to understand the need for security in one’s computer system, he or she should realize the risks involved. Most operating systems have a default configuration that is not designed with security as the chief focus. The default setup, instead, focus on functionality, communications and usability. There is therefore a need to understand the server vulnerabilities in a system in order to perform particular functions to improve security (Leyden, 2002). It is hence clear that web server hacking is an important topic that should be evaluated in detail and understood by users of computer systems. Discussion of Web Server Hacking When one tries to break into or use a computer system wrongly, he or she is considered an intruder. ‘Using wrongly’ is not a restricted term and can be used to represent an act of stealing confidential information or a minor offense of just misusing one’s email for spam (Zachary, 2006). Presently, more people both through the internet and corporate intranets are continuously attempting to test the various systems’ security. The motive differs in every instance but revenge and stealing for profit are some of the motives driving intruders. ‘Hacker’ and ‘attacker’ are the two terms that are used in describing a person who tries to get into networks and systems. An individual that likes to get into their computer system and establish how it works is a benign hacker. The one that gets into other people’s computer systems and networks is malicious hacker. ‘Attacker’ is a term benign hackers prefer the media would use to distinguish the malicious hacker from the benign hackers. An attacker is either an insider or an outsider. An insider can access the victim’s internal network legitimately. However, he or she misuses their privileges or impersonate users who are higher privileged. In most insider attack cases, the motive is either greed or revenge. An outside attacker defaces the victim’s web server or uses other means to attempt to attack the victim’s external presence from outside their network (Zachary, 2006). The motives in an outside attack are several and the possible attackers may range from random internet users to a partner network that is linked to the victim’s corporate network. The intruder can either access the target system through physical, remote or system intrusion. Physical intrusion applies when the attacker can access the victim’s machine. Here, the attacker can either take part of the machine (e.g. a hard drive) and read/write it on another machine or utilize special privileges granted at the console (Zachary, 2006). Remote intrusion applies when the attacker tries to get into the system remotely across the network. No special privileges are available to the attacker as he or she starts intruding. System intrusion applies on the assumption that the attacker has a level of privilege user account that is low. The attacker, through the use of a known exploit, can access administrative privileges if no latest security paths are available on the system. Web server attacks usually involve remote and system intrusions. DoS, DDoS and Black hat are types of web server attacks (Leyden, 2002). Denial of Service (DoS) is a type of attack where the computer resource is made unavailable to the intended user. A stream of requests is sent to a service on the server machine by the attacker so that all the resources may be exhausted. The attack involves flooding service ports, flooding mail servers, jamming networks and mis-configuring routers (Najmi, 2004). Distributed DoS (DDoS) is an attack whereby a daemon or agent is installed by the hacker on numerous hosts. A master who resides in any of the several hosts receives a command from the hacker which it then communicates to the agents that reside in the other servers calling for the attack to begin. Blocking one IP address or network cannot stop a DDoS attack hence it is more difficult to combat it. In this attack, traffic derives from hundreds or thousands of individual systems. The attack involves send mail attack, SNMP attack, SYN Flooding attack, IP fragmentation attack, Port scanning attack and FTB Bounce attack (Najmi, 2004). File Transfer Protocol (FTP) is the application used in transferring data and documents anonymously from the local machine to the server. The reverse also works. The FTP bounce attack slips past the application based firewalls in its attack. A file is uploaded to the FTP server by the hacker in this attack and a request to send this file to an internal server is performed. This file can either contain malicious software or a simple script which will occupy the internal server and use up all the memory as well as the CPU resources (Najmi, 2004). When a person uses software to systematically scan the entry points on another person’s machine, this is termed as a port scan. This software can be used legitimately in managing a network. An attack of this kind would entail a hacker entering into someone’s system and changing the set-up configuration, capturing passwords or leaving unidentifiable harassing messages. SYN flooding attack is one that identifies the TCP/IP communications protocol’s vulnerability and exploits it (Najmi, 2004). A non-existent system is created in the attack and the victim machine keeps responding to it. Packets are sent to the victim and it is asked to respond to a system or machine with an incorrect IP address. During its response the victim machine is flooded with the requests. A waiting period is initiated as the requests await a response until the packets start to time out and are dropped. The victim system is hence consumed by the request during this waiting period therefore it cannot respond to the legitimate requests. Reduction of size of IP packets or breaking them into smaller parts is a function performed sometimes in order to facilitate IP transition to take place over comparatively congested networks. Routers and intrusion detection systems will allow the packets to pass without any examination since they are small and their contents cannot be identified (Najmi, 2004). Due to the overflowing of the buffer once the packet reassembles at the other end, the machine might hang, reboot or show no effect whatsoever. A send mail attack involves a lot of messages being sent in a short period. Other attacks on web server are SQL injection, Bruce force attacks and cross-site scripting. Cross-site scripting is a major problem on websites since a vast majority of websites are vulnerable (Leyden, 2002). An arbitrary code on either the server or the client is run. The input strings, in either such boxes or forms, may not be properly sanitized so they can remove illegal characters. The non- sanitized string can escape the code of the form hence execute its own code that is hosted on another site and in this way the client’s machine will be exploited. SQL injection attack works on the same principle as XSS with the unsanitized strings injecting an SQL query into the database (Anderson, n.d.). The query inserted can either be new or request current information. In this way dozens of enumerated usernames will be created hence leading to compromise of a user account. Brute force attack applies when a list of passwords for a particular username are checked as the attacker attempts to guess the right one. A dictionary file catered to the intruder’s attack vector would guess the passwords more quickly. The user’s security question can also be used if the attacker has gathered enough information about the user. Web server vulnerabilities are used to determine exploitable points in a system. Remote code execution is a vulnerability which permits a hacker to retrieve any information they desire contained in the system through running arbitrary system level code on the vulnerable server (Siddhartha, 2010). SQL injection is another vulnerability that enables an attacker to retrieve important information from the database of a web server. Format string vulnerability arises when unfiltered user input in particular Perl or C functions that perform formatting as the format string parameter (Siddhartha, 2010). Reading, writing and denial of service are the three categories that this attack falls into. Cross-site scripting vulnerability involves the execution of a malicious URL by the victim whereby the executed URL is crafted in a way that makes it appear legitimate at first look. Username enumeration is a vulnerability that uses the backend validation script to inform the attacker whether the supplied username is correct or wrong. The attacker hence experiments with various usernames and with the help of these error messages the valid usernames will be determined (Zachary, 2006). In order to determine the vulnerabilities in one’s web server, scanning is carried out. Whisker is a web scanning tool that identifies web pages which have known security problems or the ones that should be removed in order for the web document root to be clean. In addition, it can initialize brute force attacks to block sites using HTTP basic authentification (Siddhartha, 2010). The author of this scanner, though, has not recently updated it. Zachary (2006) explains that stealth is a fast and comprehensive scanner which scans a range of IP addresses hence blocking sites that are potential threats. A disadvantage of stealth is that it cannot input a file list of IP addresses therefore focusing on specific servers or a web farm is impossible. Nessus is a web server vulnerability checker that scans servers for vulnerability. Nessus is even more advantageous as a scanner since it is not restricted to web servers only. More effort is spent setting up this scanner compared to stealth and whisky but it is actively maintained and has vulnerability checks that are up to date. TWWWscan/ Arirang are also a vulnerability scanner. The scanners evaluated are measures implemented to enumerate all user input fields and combat attacks. These measures that are put in place so that the surface of vulnerability can be reduced can be termed as Server hardening (Najmi, 2004). Once the number of available vectors is reduced, the surface of vulnerability is also reduced hence securing the system. Removal of unnecessary, usernames, logins, software and services are some of the actions taken to reduce these vectors. Various methods can be used to harden UNIX and Linux systems. They include applying a patch to the kennel, installing systems to detect intrusion and ensuring open network ports are closed (Najmi, 2004). Hardening scripts and tools can also be used in the process. Conclusion The computer system is exposed to very many potential intruders. The intruders may attack the target system through a number of attacks including black hat attacks, DoS attacks, port scan attack, SYN Flooding attack and buffer flow attacks. The vulnerability points that may be exploited are format string, remote code execution, SQL injection, username enumeration and cross-scripting vulnerabilities. In order to combat these vulnerabilities, scanners are used to scan the server and identify the vulnerabilities before they can be exploited by the attackers. These scanners are examples of the hardening processes used in order to secure the system. Despite all the efforts made by computer experts, the vulnerabilities can never be completely eradicated therefore web server attacks cannot be completely eliminated. However, they can be reduced through continual research and sophistication of approaches used in combating server attacks. References Anderson, C. (n.d): What are the common types of attacks on web servers? Tech Tips Demand Media. Retrieved September 21, 2011 from http://techtips.salon.com/common-types-attack-servers-2062.html Leyden, J. (2002): Web server vulnerability reaches all time high. The Register. Posted July 4, 2002. Retrieved September 21, 2011 from http://www.theregister.co.uk/2002/07/04/web_server_vulnerability_reaches_all/ Najmi. S (2004): Types of attacks on web servers. Techi Warehouse. Retrieved September 21, 2011 from http://www.techiwarehouse.com/engine/21b0d480/Types-of-Attacks-on-Web-Servers Siddhartha, S (2010): Five common Web application vulnerabilities. Symantec (Posted November 2). Retrieved September 21, 2011 from http://www.symantec.com/connect/articles/five-common-web-application-vulnerabilities Zachary, W. (2006): Hacking: The Basics. Retrieved September 21, 2011 from http://www.sans.org/reading_room/whitepapers/hackers/hacking-basics_955 Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Web Server Hacking Research Paper Example | Topics and Well Written Essays - 2000 words”, n.d.)
Web Server Hacking Research Paper Example | Topics and Well Written Essays - 2000 words. Retrieved from https://studentshare.org/information-technology/1580390-web-server-hacking
(Web Server Hacking Research Paper Example | Topics and Well Written Essays - 2000 Words)
Web Server Hacking Research Paper Example | Topics and Well Written Essays - 2000 Words. https://studentshare.org/information-technology/1580390-web-server-hacking.
“Web Server Hacking Research Paper Example | Topics and Well Written Essays - 2000 Words”, n.d. https://studentshare.org/information-technology/1580390-web-server-hacking.
  • Cited: 0 times

CHECK THESE SAMPLES OF Web Server Hacking

Securing Windows and Unix/Linux Servers

ne of the measures for securing a network server is through addressing physical security.... In some cases, it is vital that network server administrators install password policies that ensure all passwords used in their networks meet a set of standards (Shelly & Vermaat, 2010)....
3 Pages (750 words) Case Study

Microsoft ISA Server

The paper "Microsoft ISA Server" studies threats of the IT world due to increasing theft and hacking.... The backdrop of these concerns is the evolution of the ISA server.... hellip; Microsoft is one of the biggest manufacturers of operating systems but this company is trying to present itself as one of the leading provider of complete IT solutions concerning business besides providing operating systems so, they came up with Internet Security and Acceleration server (ISA server)....
10 Pages (2500 words) Case Study

Web Server Application Attacks

Such an attack could target the web server or the network utilities that support it with the intention of hindering or denying legitimate users from leveraging the web server services. One mitigation… Some of the particular methods to accomplish this would be to set a limit on the level of hard drive space designated for uploads and installation of web A command injection attack refers to an attack aimed at compromising the sensitive information featured in the back end database that supports the interactive aspects of a web application....
4 Pages (1000 words) Research Paper

Virtualization and Security

hellip; The user should take caution against threats against virtualization such as theft, virus hacking, Trajons and several others.... This protects data from malware and hacking.... The paper "Virtualization and Security" discusses that most of the organization nowadays adopts the method of storing data in the virtual server instead of using a physical server.... his classification of virtualization involves merging of physical storage system mainly obtained from multiple server network storage located on the web....
9 Pages (2250 words) Essay

Security Architecture, Quality of Hertford Fashions Service Applications and System Infrastructure

This type of simulation tests the client's server security firewalls and internal Web servers among other security implementations.... It recaps the findings, analysis and recommendations from the assessment, which was undertaken across the Internet.... It documents the findings for the security… The purpose of the test was to use exploitation capacity in identifying and validating potential vulnerabilities across the network infrastructure within scope. HertfordFashion is a leading This has made it critical to take countermeasures to avert any exploits that can cause losses....
16 Pages (4000 words) Essay

The Major Security Threats

In this scenario, this report covers some of the most important security threats, such as Session Hijacking, SQL Injection, Hacking a web server, Hacking a Wireless Network, and Hacking Mobile platform.... This report presents the results of experiments performed with Kali Linux for web penetration testing.... One way to deal with these security challenges is to develop web applications that are harder to break....
8 Pages (2000 words) Term Paper

Information Security

The IT facilities owned by Check Point encompass web servers, SQL Accounting servers, DNS servers, File server, Microsoft Exchange Mail server, Active Directory Main Controller, Proxy server, Share Market Analyzer server, SMS server as well as CRM Database server....
22 Pages (5500 words) Case Study

Transcorp Company System Security

During the process of changing the equipments and the installation of new operating systems, some workstations will be used for Microsoft Office applications and others will be used infuture for graphics and web design applications as the company attempts to expand its E-commerce funtionality....
8 Pages (2000 words) Case Study
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us