Welcome, Guest: Register On Nairaland / LOGIN! / Trending / Recent / NewStats: 3,218,359 members, 8,037,711 topics. Date: Thursday, 26 December 2024 at 03:28 PM |
Nairaland Forum / Science/Technology / Webmasters / Common Server Attack Issues And Preventive Measures (5180 Views)
I Will Fix Wordpress Issues And Do Customization / Most Common Google Adsense Issues And How To Fix It / Facebook Releases Measures To Addressing Hoaxes And Fake News (2) (3) (4)
Common Server Attack Issues And Preventive Measures by LekkiHost: 3:04pm On Jun 16, 2017 |
Web Host provides the platform for a website to be accessible to the world via a web server. A web server is a program that stores files (usually web pages) and makes them accessible via the network or the internet. A web server requires both hardware and software. Customers usually turn to the internet to get information and buy products and services. Towards that end, most organizations have websites and these websites store valuable information such as credit card numbers, email address and passwords, etc. This has made them targets to attackers. From time to time, host providers are faced with server attacks which could lead to downtimes for their customers (users) thereby making the websites of legitimate users inaccessible. This could also cause the host provider to suffer long term reputation damage. Web server can be attacked in many ways. Some of the most common attacks and how to prevent them are listed below. 1. Denial of Service (DoS/DDoS) Denial of service (DoS) or Distributed Denial of Service (DDoS) attacks are the most common ways to overwhelm a server. Denial of Service attacks are when one computer with an internet connection attempts to flood a server with packets while DDoS on the other hand are when many devices, often widely distributed into a botnet attempt to overload network and servers with enormous malicious requests. DOS attacks are performed by overwhelming the web server in numerous ways including sending invalid data as input that causes application termination, flooding the web server with automated request causing a crash, blocking the traffic resulting in loss of access to the users. This will increase the server’s downtime which, in turn, will make websites on the server unavailable to intended users. The goal of a DoS attack is to bring down a web server by overloading it with access requests. Popular websites such as Google and Twitter have been victims of DoS attacks. Preventive measures Prevention of DoS attacks from anonymous sources can be ensure by implementing a web server firewall that inspects the entire HTTL traffic and stop any data packet that appears malicious and generating from a source that is not authorized. As a host provider, you can go through these technical measures to perform rescue operations: • Set the limit of your router to prevent overloading. • Integrate filters to drop packets that could be sources of malicious attack. • Lower the SYN, ICMP, and UDP flood drop thresholds. • Deny access to malformed packages. 2. SQL Injection SQL injection, also known as SQLI, is a common attack vector that uses malicious SQL query code for backend database manipulation to access information that was not intended to be displayed. An SQL query with parameters from the URL is fed to the database that has the ability to alter the data. When this attack is conducted, there are chances of backend database server to be compromised and it can be catastrophic for a company. A successful attack may result in the unauthorized viewing of user lists, the deletion of entire tables and, in certain cases, the attacker gaining administrative rights to a database, all of which are highly detrimental to a business. Websites that are most likely to be attacked using this type of attack are e-commerce websites that have huge database comprising users’ information. Preventive Measures As a preventive measure, host providers can employ the use of input validation (a.k.a. sanitization), which is the practice of writing code that can identify illegitimate user inputs, do a thorough review of the source code, following least privilege for database applications and deleting redundant and unnecessary database users and procedures. They can also integrate web application firewall which can filter out SQLI as well as other online threats. 3. DNS Poisoning (Phishing) and spamming A phishing attack is a fraudulent message, usually in the form of an email, which lures users into clicking a link. That link in turn either leads the victim to a malicious website or initiates a malicious download. Attackers can then use the entered information to steal your (or your customers’) identity. DNS poisoning can ultimately route users to the wrong website. For example, a user may enter “msn.com” into a web browser, but a page chosen by the attacker loads instead. These phishing sites are often hosted on otherwise legitimate sites that have been attacked due to poor security practices. Spam are unsolicited “junk” e-mails that are sent to large numbers of people to promote products or services. Spam, or electronic junk mail, is a nuisance as it can clutter your mailbox as well as potentially take up space. Relatively speaking, they are harmless. However, spam messages can contain links that when clicked on could go to a website that installs malicious software and can also flood systems with unnecessary traffic that could bring down network speed to less than optimal levels. Preventive Measures As a preventive measure, security provisions can be added to the server to prevent phishing attacks, however specific websites need to have their own security as well. Mail servers can also be protected by integrating spam/junk mail filter. More >>> https://www.lekkihost.com/forum/index.php?topic=4482.0 2 Likes |
Re: Common Server Attack Issues And Preventive Measures by planetx13: 7:05am On Jun 18, 2017 |
FTC....... abeg who dey pay me lala or seu..... abeg sharp sharp ,make i no vex Thanks Op.. useful info meanwhile..... Our family is looking to sell our large expanse of land in delta State .(638 hectares). All documents available and original copies also ( C of O, survey plan, deed of conveyance). willing to sell in parts and also open to partnership. If interested or have any questions please feel call 0.9.0.8.0.9.5.0.2.1.4 1 Like |
Re: Common Server Attack Issues And Preventive Measures by oshe11: 7:06am On Jun 18, 2017 |
Please go n repair the one that hapend to LOOPERs so they can pay me back my MONEY |
Re: Common Server Attack Issues And Preventive Measures by drunkpunk(m): 7:06am On Jun 18, 2017 |
K |
Re: Common Server Attack Issues And Preventive Measures by mmsen: 7:07am On Jun 18, 2017 |
How did this make front page? Most people on this forum don't even know how their phones work and this one is talking about server issues... 2 Likes |
Re: Common Server Attack Issues And Preventive Measures by olaniyi0(m): 7:07am On Jun 18, 2017 |
a |
Re: Common Server Attack Issues And Preventive Measures by olaniyi0(m): 7:08am On Jun 18, 2017 |
b |
Re: Common Server Attack Issues And Preventive Measures by olaniyi0(m): 7:08am On Jun 18, 2017 |
c |
Re: Common Server Attack Issues And Preventive Measures by olaniyi0(m): 7:08am On Jun 18, 2017 |
d |
Re: Common Server Attack Issues And Preventive Measures by olaniyi0(m): 7:09am On Jun 18, 2017 |
e |
Re: Common Server Attack Issues And Preventive Measures by crackerspub: 7:09am On Jun 18, 2017 |
DDOS is still the king The so called solutions from the OP don't work against DDOS |
Re: Common Server Attack Issues And Preventive Measures by olaniyi0(m): 7:12am On Jun 18, 2017 |
5 plots of land above me is for sale, each cost 500 and 100 nairaland likes n share |
Re: Common Server Attack Issues And Preventive Measures by Nobody: 7:28am On Jun 18, 2017 |
@op How come you didn't include the use of acl1&2,IPS or even IDS on your preventive list?firewall is good but I don't think firewalls alone is enough to stop attacks these days. |
Re: Common Server Attack Issues And Preventive Measures by akereconfi: 7:28am On Jun 18, 2017 |
One common way to prevent SQL Injection as a beginner is using "Prepared Statements" for scripts linking your backend to your front end 2 Likes |
Re: Common Server Attack Issues And Preventive Measures by xreal: 7:32am On Jun 18, 2017 |
1 Like |
Re: Common Server Attack Issues And Preventive Measures by sakalisis(m): 7:32am On Jun 18, 2017 |
Re: Common Server Attack Issues And Preventive Measures by Lordwheez(m): 7:43am On Jun 18, 2017 |
OP.... Note one thing. Once it is digital, it's got flaws and is hackable. |
Re: Common Server Attack Issues And Preventive Measures by bigcil2(m): 7:53am On Jun 18, 2017 |
planetx13: Contact us or place it on our website for free https://Letout.com.ng |
Re: Common Server Attack Issues And Preventive Measures by wayaa007(m): 9:52am On Jun 18, 2017 |
SQL injection, separate your web servers from your database servers, host on different servers |
Re: Common Server Attack Issues And Preventive Measures by Nobody: 10:08am On Jun 18, 2017 |
How do you fix trust relationship issues on a host pc.. tried powershell method but it didn't fix it |
Re: Common Server Attack Issues And Preventive Measures by 4dor: 10:20am On Jun 18, 2017 |
Nice! |
Re: Common Server Attack Issues And Preventive Measures by fufuNegusi(m): 10:58am On Jun 18, 2017 |
Nice information I hope to start up my own Cybersecurity company someday Information security in Nigeria is really nothing to write home about 1 Like |
Re: Common Server Attack Issues And Preventive Measures by Iamwrath: 11:48am On Jun 18, 2017 |
So that's how they hacked me >? |
Re: Common Server Attack Issues And Preventive Measures by Nobody: 1:00pm On Jun 18, 2017 |
Social engineering also |
Re: Common Server Attack Issues And Preventive Measures by Nobody: 1:45pm On Jun 18, 2017 |
this write up should be for web host companies i guess |
Re: Common Server Attack Issues And Preventive Measures by Nobody: 2:07pm On Jun 18, 2017 |
@Lekkihost, you spoke well. Thumbs up 1 Like |
Re: Common Server Attack Issues And Preventive Measures by whizbee(m): 5:53pm On Jun 18, 2017 |
Awesome write up, noobs may be unappreciative arbor this but it's understandable. 1 Like |
(1) (Reply)
Javascript Code To Make Rolling Banners/images / 10 Rapid Ways To Market Your Blog / Five Most Common Blogging Problems
(Go Up)
Sections: politics (1) business autos (1) jobs (1) career education (1) romance computers phones travel sports fashion health religion celebs tv-movies music-radio literature webmasters programming techmarket Links: (1) (2) (3) (4) (5) (6) (7) (8) (9) (10) Nairaland - Copyright © 2005 - 2024 Oluwaseun Osewa. All rights reserved. See How To Advertise. 31 |