Web Server Administration Chapter 10 Securing the Web Environment Overview Identify threats and vulnerabilities Secure data transmission Secure the operating system Secure server applications Overview Authenticate Web users Use a firewall Use a proxy server Use intrusion detection software Identifying Threats and Vulnerabilities Focus is on threats from the Internet Hackers sometimes want the challenge of penetrating a system and vandalizing it – other times they are after data Data can be credit card numbers, user names and passwords, other personal data Information can be gathered while it is being transmitted Often, operating system flaws can assist the hacker Examining TCP/IP Hackers often take advantage of the intricacy of TCP/IP The following are parts of the IP header most relevant to security Source address Destination address Packet identification, flags, fragment offset Total length Protocol – TCP, UDP, ICMP TCPDelivering Data to Applications Important header fields Source and destination ports Sequence number, data offset Flags, such as SYN, ACK, FIN Establishing a TCP connection Vulnerabilities of DNS Historically DNS has had security problems BIND is the most common implementation of DNS and some older version had serious bugs BIND 9, the current version, has been more secure Vulnerabilities in Operating Systems Operating systems are large and complex which means that there are more opportunities for attack Although Windows has had its share of problems, often inattentive administrators often fail to implement patches when available Some attacks, such as buffer overruns, can allow the attacker to take over the computer Vulnerabilities in Web servers Static HTML pages pose virtually no problem Programming environments and databases add complexity that a hacker can exploit Programmers often do not have time to focus on security Vulnerabilities of E-mail Servers By design, e-mail servers are open E-mail servers can be harmed by a series of very large e-mail messages Sending an overwhelming number of messages at the same time can prevent valid users from accessing the server Viruses can be sent to e-mail users Retrieving e-mail over the Internet often involves sending your user name and password as clear text Digital communication Closed and secure (national defense, VPN) Open and secure (SSL) Open and non-secure (PKI) What Is PKI? A PKI is an asymmetric cryptography security environment that supports the transmission, delivery, and receipt of digital communications over a nonsecure communications channel. PKI a ‘hot technology” E-Commerce E-Governance State of Illinois What Does PKI Do? Authenticates sender of digital communications Protects integrity of digital communications Key Pair Private Public Trusted third party How PKI Works in Digital Communications Securing Data Transmission To secure data on a network that is accessible to others, you need to encrypt the data SSL is the most common method of encrypting data between a browser and Web server Secure Shell (SSH) is a secure replacement for Telnet Secure Sockets Layer (SSL) A digital certificate issued by a certification authority (CA) identifies an organization The public key infrastructure (PKI) defines the system of CAs and certificates Public key cryptography depends on two keys A public key is shared with everyone The public key can be used to encrypt data Only the owner of the public key has the corresponding private key which is needed to decrypt the data Establishing an SSL Connection Using SSH for Tunneling Tunneling allows you to use an unsecure protocol, such as POP3, through a secure connection, such as SSH To set up tunneling Configure the SSH client so the local port is 55555 (or another port between 1024 and 65535) Configure the SSH client to connect to POP3 port 110 Log in to the SSH client Direct the e-mail client to port 5555 and log in to the e-mail server Securing the Operating System Use the server for only necessary tasks Minimize user accounts Disable services that are not needed Make sure that you have a secure password In addition to using upper case, lower case numbers and symbols, hold down the ALT key on a number (on the numeric keypad) from 1 to 255 Check a table of ALT values to avoid common characters The use of the ALT key will thwart most hackers Securing Windows There are many services that are not needed in Windows for most Internet-based server applications Alerter Computer browser DHCP client DNS client Messenger Server Workstation Also, the registry can be used to alter the configuration to make it more secure such as disabling short file names Securing Linux As with Windows, make sure that you only run daemons (services) that you need Generally, daemons are disabled by default The command netstat -l gives you a list of daemons that are running Use chkconfig to enable and disable daemons chkconfig imap on would enable imap Securing E-mail You have already seen the ability to tunnel POP3 which would prevent data from being seen Exchange 2000 can also use SSL for the protocols it uses To prevent someone from sending large e-mail messages until the disk is full, set a size limit for each mailbox Securing the Web Server Enable the minimum features If you don't need a programming language, do not enable it Make sure programmers understand security issues Implement SSL where appropriate Configuring User Authentication in IIS Four types of authenticated access Windows integrated authentication Digest authentication for Windows domain servers Works with proxy servers Requires Active Directory and IE Basic authentication Most secure – requires IE User name and password in clear text Works with IE, Netscape, and others Passport authentication Centralized form of authentication Only available on Windows Server 2003 Using a Firewall A firewall implements a security policy between networks Our focus is between the Internet and an organization's network You need to limit access, especially from the Internet to your internal computers Restrict access to Web servers, e-mail servers, and other related servers Types of Filtering Packet filtering Circuit-level filtering (stateful or dynamic filtering) Looks at each individual packet Based on rules, it determines whether to let it pass through the firewall Controls complete communication session, not just individual packets Allows traffic initialized from within the organization to return, yet restricts traffic initialized from outside Application-level Instead of transferring packets, it sets up a separate connection to totally isolate applications such as Web and email A Packet-filtering Firewall Consists of a list of acceptance and denial rules A firewall independently filters what comes in and what goes out It is best to start with a default policy that denies all traffic, in and out We can reject or drop a failed packet Drop – (best) thrown away without response Reject – ICMP message sent in response Summary User authentication controls access to one or more Web server directories Firewalls control access policies between networks A proxy server delivers content on behalf of a user or server application Intrusion detection software identifies intrusions but typically does not prevent them