Interneto serverių apsaugos priemonių tyrimas / Security tools analysis for Internet Servers

Žabinskas, Vidas

01 June 2004

Transferring the activities to electronic space, each Internet user could be involved in a risk that the information accessed and transmitted by network might be read, retrieved and, supposedly, trespassed. Therefore, the preventive protection of personal computer and computer system security is relevant in order security gaps in a computer system would appear as less as possible. Subject of the Work: “PC Security” Internet service website designated to check-out personal computer system security by users on their own. Goal of the Work: computer security measures analysis and computer security control system development. The current study contain the analysis of measures that support system to be more attack-resistant: rules necessary for network security resistance; information coding measures; actions disturbing normal system operation; actions to be undertaken in case of successful intruder attack. Requirements for the models of Internet server security and testing system were set therein. Observing the aforementioned requirements computer system security testing system was designed and implemented, system testing carried out, and system user specifications described. For flexibility purposes two check-out options were involved in the testing system: system user performs the computer IP testing himself/herself or testing is performed by a system operator with report sending. This particular testing system should be very useful for the users because the latter would be... [to full text]

Informatics

Interneto serverio apsauga

Web server security

Creating a Secure Server Architecture and Policy for Linux-based Systems

Kourtesis, Marios

January 2015

Creating and maintaining servers for hosting services in a secure and reliable way is an important but complex and time-consuming task. Misconfiguration and lack of server maintenance can potentially make the system vulnerable. Hackers can exploit these vul­nerabilities in order to penetrate into the system internals and cause damage. Having a standard architecture/configuration supporting the needed services saves time and re­sources while it reduces security risks. A server architecture protected by a security policy can secure the integrity and quality of the overall services. This research demon­strates building a secure server architecture protected by a security policy. To achieve this a security policy and a checklist was designed and combined with a host based IDPS, a NMS and a WAF.

IDS

secure environments

Linux

network management systems

server security

web application firewall

server security

Bezpečný přístup do webového rozhraní / Secure access to web interface

Kazik, Milan

January 2009

This document contains basic principles and processes regarding secure access to web information system. It consists of theoretic and applied part. These are mainly written together in thesis’s chapters. Theoretic informations were tested on simple web application created in PHP computer language on Apache web server using MySQL database. In the beginning, there is an analysis of used programming environment, especially it’s advantages and disadvantages. The main part of this document is simple characterization of many security problems which can be found on many websites all around the world. In the first place it’s a handling problem of inputs and outputs in the web applications. Password disputableness is solving separatelly. Theory of a problem is analysed first of all. Then a couple of solving methods are suggested and the one which is practically realized is described in detail. There is a notification system created which is used to inform user about errors appeared in web application. In the last section there is a client and server certificates described. This document contains fully characterization of used scripts and connection between them. They are supplemented with many pictures and screenshots which are used to better understanding the disputableness of web security.

Zabezpečení online aplikací typu klient-server / Security of Online Client-Server Applications

Čapek, Jan

January 2018

This thesis is dedicated to security of client-server applications running on Windows platform. In the beginning chapters it is possible to find motivation, about why this type of security is important. Following content describes some elements of used architecture and elements of operating system Windows. The core of the work contains techniques and tools used by the attacker and protection against them. In following chapter there is a design and implementation of the security solution based on the previous theory. This solution is then tested against various threats, to verify its effectivity.

Web Design, Development and Security

Panta, Purushottam

12 June 2009

No description available.

Computer Science

web design

web server security

web development

security

web information system

SQL injection

Evaluation of the CSF Firewall / Utvärdering av CSF brandväggen

Mudhar, Ahmad

January 2013

The subject of web server security is vast, and it is becoming bigger as time passes by. Every year, researches, both private and public, are adding to the number of possible threats to the security of web servers, and coming up with possible solutions to them. A number of these solutions are considered to be expensive, complex, and incredibly time-consuming, while not able to create the perfect web to challenge any breach to the server security. In the study that follows, an attempt will be made to check whether a particular firewall can ensure a strong security measure and deal with some security breaches or severe threat to an existing web server. The research conducted has been done with the CSF Firewall, which provides a suit of scripts that ensure a portal’s security through a number of channels. The experiments conducted under the research provided extremely valuable insights about the application in hand, and the number of ways the CSF Firewall can help in safety of a portal against Secured Shell (SSH) attacks, dedicated to break the security of it, in its initial stages. It further goes to show how simple it is to actually detect the prospective attacks, and subsequently stop the Denial of Service (DoS) attacks, as well as the port scans made to the server, with the intent of breaching the security, by finding out an open port. By blocking the IP Addresses of the attackers dedicated to such an act, preventing them from creating nuisance, the CSF Firewall has been able to keep alien intrusions away from the server. It also aids in creating a secure zone for the server, to continue smoothly, while alerting the server administrators of the same, and gives them an opportunity to check those threatening IPs, and the time of attack, makes sure that the server administrators stay alert in the future, and is able to keep an eye on such attacks. In doing this, the experiment adds valuable data in the effective nature of the CSF Firewall.

CSF Firewall

Iptables

Firewall

Web server Security

SPI

Configserver Security & Firewall

SYN-flood

DoS attack

Port Scan

Exploit checks

Firewall notifications

SSH attacks

Computer Sciences

Datavetenskap (datalogi)

Modely řízení přístupu ke zdrojům operačního systému / Operating Systems' Resource Access Control Models

Vopička, Adam

January 2010

The thesis deals with models used in access control to operating systems' resources. The thesis' goals are the theoretical description of these models and their comparison, the description of their implementations in selected operating systems and the description of their utilization in securing typified servers. In the first chapter, the reader is introduced to basic terms and principles of computer security and access control. In the second, also theoretical part, selected access control models are described from different viewpoints, for example their factual specialization, basic rules, principles and evolution. At the end of the chapter, the models are compared to each other according to specified criteria. The third, more practically oriented chapter, continues from the initial, both general and concrete introduction with operating systems, to description of access control model implementations in selected operating systems. At the end of the chapter, these implementations too are compared according to specified criteria. The fourth, final part, is dedicated to the description of the actual securing of a web and file server using operating system level access control means. The end of the chapter is dedicated to the possibilities of using these means to secure web applications. The contribution of this thesis from the theoretical point of view is a well-arranged and compact access control model comparison, and also the merger of the theoretical base with practical use of the described model implementations. The thesis is recommended to people interested in the computer security issues in general and people interested in access control from both theoretical and practical sides, e.g. system administrators or system designers.

Bezpečnostní metriky platformy SAP / Security Metrics of SAP Platform

Třeštíková, Lenka

January 2017

Main goal of this thesis is analyzing potential security risks of the SAP NetWeaver platform and identifying various vulnerabilities, that are results of poor system configuration, incorrect segregation of duties or insufficient patch management. Methodology for platform evaluation is defined by vulnerabilities, security requirements and controls will be created.