StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...

Web Server Application Attacks - Assignment Example

Cite this document
Summary
Web Server Application Attacks.
In this type of web application attack, malicious SQL queries execute unexpected actions through web applications, and disturb the back-end of the web application…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER96.8% of users find it useful
Web Server Application Attacks
Read Text Preview

Extract of sample "Web Server Application Attacks"

Download file to see previous pages

This keeps the web application safe from malicious user inputs. Session Security Vulnerabilities. When session ID’s are sequential and persistent or when session tokens are not protected, one user may access another user’s data through assuming the other user’s identity. To mitigate this, session ID’s must be random and must expire when a user logs out of the session. Session tokens must be protected and invalidated when the user logs out. 3. Authentication Vulnerabilities When server does not authenticate a user before giving him access to a web application, he may gain access to sensitive information and mishandle it.

To counter this problem, the user must apply authentication rules like HTTPS. User must ask for authentication after specified intervals. Access control must also be implemented. Part 2 Protecting Web Servers from Denial of Service (DoS) Attacks Denial of Service (DoS) attacks prevent web servers from serving websites to genuine users. These attacks are, mostly, targeted toward professional websites run by political or other important organizations, in order to hinder their web presence to their clients and users (AppliCure Technologies, 2013).

However, small businesses are also not free of such threats. The websites cease to operate partially or fully. A DoS intrusion detection architectural design is a must-use in order to prevent such attacks. Mell, Marks & McLarnon (2000) have discussed this architecture in their article, in which intrusion detection software (IDS) components are hidden from the attacker. In case the attack is successful, IDS components are shifted from the attacked host to functional host, where they counter with the attack successfully.

This is done by by using mobile agent technology and network topology features. The communication between various IDS components is also restricted (Mell, Marks & McLarnon, 2000). Part 3 a. Basic motivation behind the attack on the Justice Department, as hackers themselves stated, was that they wanted to “release government data” (Zabarenko, 2013, para.1). They were also outraged over the death of the late computer prodigy Aaron Swartz, who had committed suicide on January 11 this year. He had been facing trial for stealing millions of online JSTOR articles. b. I would have used Ping of Death, as it is a dummy ICMP packet receiving fragments of ping, and resembles the real packet.

It becomes too big for the buffer once reassembled, which starts overflowing, and thus, the system hangs (Canavan, 2001, p.39). I would use this because there are freely available source code examples on the internet for Unix to create large ping packets. It is very easy to ditch the user through fake ping packet. c. Web server application attacks are not as easy as they may seem, because there are many different kinds of anti-virus softwares, intrusion detection softwares, and user input detection and encoding softwares that are being implemented nowadays.

These special softwares make it very hard for the attackers to succeed in their attacks. Part 4 To maintain a secure web presence, Federal government organizations need to maintain special mitigation strategies. Designing an information security policy is the first step towards the implementation of information security (Danchev 3). A security policy acts as a centralized crucial document that will help in eliminating the risk of security breaches by securing the confidential information stores from getting disclosed to unauthorized persons.

It defines the importance of a

...Download file to see next pages Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Web Server Application Attacks Assignment Example | Topics and Well Written Essays - 750 words”, n.d.)
Retrieved from https://studentshare.org/information-technology/1488388-web-server-application-attacks
(Web Server Application Attacks Assignment Example | Topics and Well Written Essays - 750 Words)
https://studentshare.org/information-technology/1488388-web-server-application-attacks.
“Web Server Application Attacks Assignment Example | Topics and Well Written Essays - 750 Words”, n.d. https://studentshare.org/information-technology/1488388-web-server-application-attacks.
  • Cited: 0 times

CHECK THESE SAMPLES OF Web Server Application Attacks

Causes and Effects of the 9/11 Attacks on the World Trade Center

This research evaluates and presents causes and effects of the 9/11 attacks on the world trade center.... The 9/11 attacks on the World Trade Center was one of the most highly devastating and perhaps the worst episode of American history after the Civil War and the World Wars.... The paper tells that a fourth possible explanation for the 9/11 attacks was perhaps Osama Bin Laden's own response against the support that the United States has given to Israel especially when the United States helped Israel invade southern Lebanon in 1982....
5 Pages (1250 words) Admission/Application Essay

A Polite Question about Turf

For example, should unauthorized personnel access our server room, they could very well bring the company to a standstill simply by uploading a virus.... Further according to this outline, access to both of our departments and the company's dedicated server room will also be automated and restricted to authorized personnel whose identity has been authenticated.... In other words, cooperation and coordination over identification, authentication and the securitization of the more critical and vulnerable of the physical spaces (both our departments and the server room, among others) is the aim....
4 Pages (1000 words) Admission/Application Essay

Sinkiang violence in China

A group of Uyghur separatists are of the opinion that the region which they call East Turkestan is not in China's territory even… Human rights watch as well as Amnesty international is of the opinion that the resentment shown by Uyghur towards the repression of their On the contrary, some of the Han Chinese who also oppose the movement are not happy at being considered as second rate citizens by the policies that are associated by the People's Republic of China whereby the ethnic autonomy policies discriminate against them....
5 Pages (1250 words) Admission/Application Essay

Health Consequences from Exposure to Tetrachloroethylene

It is usually in liquid form and is colourless.... The chemical is mainly used for dry-cleaning of fabrics and people usually refer to it as “dry-cleaning fluid.... ?? Tetrachloroethylene is a potent solvent for organic… The chemical nature of this chlorocarbon causes it to be an important agent in various industries....
8 Pages (2000 words) Admission/Application Essay

Book analysis

The notion of organizational development, also acknowledged as OD, is fundamentally described as the efforts executed for developing the entire organizational performance.... These efforts can be measured in the form of making effective planning, managing human resources (HR) and… Apart from these, the other efforts comprise adopting and implementing dynamic leadership practices, promoting the notion of change management, developing the settings of performance , strengthening team building approach, forming effective communication amid every organizational member and most vitally maintaining their work-life balance among others....
16 Pages (4000 words) Admission/Application Essay

The Strategy for Marketing of A-Z Pharmaceuticals

The pharmacy shall sell prescriptions at the lowest prices members of the community can find on the market by maintaining effectively… These parts entail those clients who cater for their prescriptions without external support.... This section of the market shall A-Z Pharmaceuticals extra efficiency because the pharmacy Business activities at A-Z Pharmaceuticals will be under one store with the capacity to serve customers walking in and out as well as mail orders....
12 Pages (3000 words) Admission/Application Essay

The Cost of Health Care Insurance

This essay focuses on the cost of healthcare insurance.... The health prevention model will greatly reduce the need for such services.... If that happens then a whole industry will decline.... It is necessary to continue to struggle with the need for insurance for those who are on a program to sickness....
7 Pages (1750 words) Admission/Application Essay

Purpose of the Global Names Zone

The RODC will usually send an LDAP referral response redirecting application requiring write access to active directory to a writable domain controller.... RODC differs from the ordinary domain controllers in that they allow an application requesting write access privileges to write the active directory.... The DNS stores different types of resource records, is independent of the IP version and it is seen as an IP application.... In the paper “Purpose of the Global Names Zone,” the author discusses the global name zone, which gives a chance to companies of moving to a DNS without the need for a WINS server....
2 Pages (500 words) Admission/Application Essay
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us