Interneto serverių apsaugos priemonių tyrimas / Security tools analysis for Internet Servers

Žabinskas, Vidas

01 June 2004

Transferring the activities to electronic space, each Internet user could be involved in a risk that the information accessed and transmitted by network might be read, retrieved and, supposedly, trespassed. Therefore, the preventive protection of personal computer and computer system security is relevant in order security gaps in a computer system would appear as less as possible. Subject of the Work: “PC Security” Internet service website designated to check-out personal computer system security by users on their own. Goal of the Work: computer security measures analysis and computer security control system development. The current study contain the analysis of measures that support system to be more attack-resistant: rules necessary for network security resistance; information coding measures; actions disturbing normal system operation; actions to be undertaken in case of successful intruder attack. Requirements for the models of Internet server security and testing system were set therein. Observing the aforementioned requirements computer system security testing system was designed and implemented, system testing carried out, and system user specifications described. For flexibility purposes two check-out options were involved in the testing system: system user performs the computer IP testing himself/herself or testing is performed by a system operator with report sending. This particular testing system should be very useful for the users because the latter would be... [to full text]

Informatics

Interneto serverio apsauga

Web server security

Bezpečný přístup do webového rozhraní / Secure access to web interface

Kazik, Milan

January 2009

This document contains basic principles and processes regarding secure access to web information system. It consists of theoretic and applied part. These are mainly written together in thesis’s chapters. Theoretic informations were tested on simple web application created in PHP computer language on Apache web server using MySQL database. In the beginning, there is an analysis of used programming environment, especially it’s advantages and disadvantages. The main part of this document is simple characterization of many security problems which can be found on many websites all around the world. In the first place it’s a handling problem of inputs and outputs in the web applications. Password disputableness is solving separatelly. Theory of a problem is analysed first of all. Then a couple of solving methods are suggested and the one which is practically realized is described in detail. There is a notification system created which is used to inform user about errors appeared in web application. In the last section there is a client and server certificates described. This document contains fully characterization of used scripts and connection between them. They are supplemented with many pictures and screenshots which are used to better understanding the disputableness of web security.

Web Design, Development and Security

Panta, Purushottam

12 June 2009

No description available.

Computer Science

web design

web server security

web development

security

web information system

SQL injection

Evaluation of the CSF Firewall / Utvärdering av CSF brandväggen

Mudhar, Ahmad

January 2013

The subject of web server security is vast, and it is becoming bigger as time passes by. Every year, researches, both private and public, are adding to the number of possible threats to the security of web servers, and coming up with possible solutions to them. A number of these solutions are considered to be expensive, complex, and incredibly time-consuming, while not able to create the perfect web to challenge any breach to the server security. In the study that follows, an attempt will be made to check whether a particular firewall can ensure a strong security measure and deal with some security breaches or severe threat to an existing web server. The research conducted has been done with the CSF Firewall, which provides a suit of scripts that ensure a portal’s security through a number of channels. The experiments conducted under the research provided extremely valuable insights about the application in hand, and the number of ways the CSF Firewall can help in safety of a portal against Secured Shell (SSH) attacks, dedicated to break the security of it, in its initial stages. It further goes to show how simple it is to actually detect the prospective attacks, and subsequently stop the Denial of Service (DoS) attacks, as well as the port scans made to the server, with the intent of breaching the security, by finding out an open port. By blocking the IP Addresses of the attackers dedicated to such an act, preventing them from creating nuisance, the CSF Firewall has been able to keep alien intrusions away from the server. It also aids in creating a secure zone for the server, to continue smoothly, while alerting the server administrators of the same, and gives them an opportunity to check those threatening IPs, and the time of attack, makes sure that the server administrators stay alert in the future, and is able to keep an eye on such attacks. In doing this, the experiment adds valuable data in the effective nature of the CSF Firewall.

CSF Firewall

Iptables

Firewall

Web server Security

SPI

Configserver Security & Firewall

SYN-flood

DoS attack

Port Scan

Exploit checks

Firewall notifications

SSH attacks

Computer Sciences

Datavetenskap (datalogi)