Επαύξηση ασφάλειας εξυπηρετητή ιστού (Web server security hardening)
View/
Keywords
Web servers ; Security hardeningAbstract
Nowadays one of the most frequent attacks carried out by hackers is the Denial of Service Attack – DoS where huge amounts of traffic are channeled in the target network and this results target servers become non-functional within a short period of time. Slowloris attack is a type of DoS attack that allows a simple machine to drop a target web server with minimal bandwidth and create side effects on services and doors. But the most important thing is that such an attack is not detectable by IDS systems because the HTTP headers in the requests sent to the server are not complete and as a result, these requests remain open, thus filling the maximum number of simultaneous connections that the server can accept and ultimately the server refuses to provide additional connections to clients.
As part of this thesis, a bash script has been implemented which is called centos8-apache-hardening.sh and its main task is to implement the necessary installations and configurations on a Centos 8 OS Apache Web Server in order to increase the security of the Web Server against various attacks including Slowloris. More specific, in chapter 1 are described the best practices of bash script for enhancing the security of Apache Web Server, in chapter 2 are described DoS attacks as well as the protection methods that the script applies against the Slowloris and DoS attacks, in chapter 3 is provided a detailed description of the technical specifications of the bash script as well as are described additional measures to increase system level security in the Apache Web Server implemented by the bash script. Finally in chapter 4 safety and accuracy tests are performed on security modules that installed by the bash script as well as Slowloris attacks on an Apache Web Server are performed before and after the bash script is applied, and the corresponding results are presented.