Final thesis - Web Server Security
Web Server Security
Mentor: Doc. dr. Jasmin Azemović
Mostar, October 2013
Candidate: Edin Ćenanović, 2324
Final thesis after the third year
Džemal Bijedić University of Mostar
Faculty of Information Technologies
www.fit.ba
Aim of the thesis
• Point out web server vulnerabilities
• Improve security
• Raise people's awareness of attacks
• Implement a defence mechanism
Platforms
Why Apache and IIS?
Taken from: http://news.netcraft.com/archives/2013/06/06/june-2013-web-server-survey-3.html#more-10309
Vulnerabilities and hardening of the Apache web server
• Leaving the installation as it is
• Apache signature
• Directory listing
• WebDAV
• .htaccess file
Disable the Apache signature and directory listing
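An added example, not part of the original slides: a small auditor that reads Apache configuration text and reports the signature, directory listing and WebDAV settings named above. The function name and both sample configurations are constructed for illustration.

```python
# Added example: audits Apache config text for the settings named on the slides.
# Both sample configurations are constructed for illustration.
DEFAULT_LIKE = """\
ServerTokens Full
ServerSignature On
<Directory "/var/www/html">
    Options Indexes FollowSymLinks
    Dav On
</Directory>
"""
HARDENED = """\
# version details hidden, listing and WebDAV off
ServerTokens Prod
ServerSignature Off
<Directory "/var/www/html">
    Options -Indexes +FollowSymLinks
</Directory>
"""

def audit_apache_config(text):
    """Return sorted findings for signature, directory listing and WebDAV."""
    findings = set()
    # Apache's built-in defaults when a directive is absent.
    state = {"serversignature": "off", "servertokens": "full"}
    for raw in text.splitlines():
        line = raw.strip()
        # Skip blanks, comments (whole-line only in Apache) and section tags.
        if not line or line[0] in "#<":
            continue
        name, *args = line.lower().split()
        if name in state and args:
            state[name] = args[0]
        elif name == "options" and {"indexes", "+indexes", "all"} & set(args):
            findings.add("directory listing enabled")
        elif name == "dav" and args and args[0] != "off":
            findings.add("WebDAV enabled")
    if state["serversignature"] != "off":
        findings.add("signature footer on server-generated pages")
    if state["servertokens"] not in ("prod", "productonly"):
        findings.add("Server header reveals version details")
    return sorted(findings)

if __name__ == "__main__":
    for label, cfg in (("default-like", DEFAULT_LIKE), ("hardened", HARDENED)):
        print(label, audit_apache_config(cfg))
```

The check works on a single block of text; it does not follow Include directives or merge per-directory sections.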
Result
Vulnerabilities and hardening of the IIS web server
• Unnecessary modules
• Directory listing
• Log retention
Disabling directory listing
IIS Manager
Types of attacks
• Layer 3 and 4 DDoS attacks
• DNS amplification attacks
• SMURF attacks
• ACK attacks
• Layer 7 DDoS attacks
Defence against layer 3 and 4 attacks
• Most DDoS attacks target the network and transport layers of the OSI communication model
• The goal of these attacks is to disable the server's switches and network cards
• Malicious packets most often come from multiple sources
• CloudFlare distributes the malicious traffic across its network and thereby absorbs the attack
Defence against DNS amplification attacks
Taken from: http://www.cloudflare.com/ddos
What it looks like when you use CloudFlare
Taken from: http://www.cloudflare.com/ddos
Defence against SMURF attacks
Taken from: http://www.cloudflare.com/ddos
Defence against Layer 7 attacks
Taken from: http://www.cloudflare.com/ddos
Conclusion
• Relatively little effort is needed to bring the server environment to a fairly secure level
• System performance has been improved
• A new level of security with the help of the CloudFlare service
• Web presentation of the video material: http://zavrsni.edinc.info/
Thank you for your attention!