Security of Web Servers and Web Services

Author(s):  
Volker Hockmann ◽  
Heinz D. Knoell ◽  
Ernst L. Leiss

Web servers and the Web services associated with them have become increasingly important in the last few years. Online banking, e-mail, and money, business-to-business (B2B), and business-to-client (B2C) transactions are growing rapidly. It is difficult to imagine modern business without these forms of networking. However, there are also significant negative aspects. In many cases, due to competitive pressures, companies and government agencies had to implement these services very fast, often too fast and without any appreciation of the concepts of security and protection. As a consequence, it turns out that a hacker can, with little effort, misuse these Web services or compromise the underlying database (e.g., to obtain access to credit card numbers or social insurance information). A very significant percentage of the population in developed and developing countries is using wired and wireless connections for reading e-mails, accessing newsgroups, or using Internet banking. All these services are running on a Web server. Most Web servers are running the Apache or the Microsoft Internet Information Server (IIS) (all versions of both servers [Apache 1.3.x/2.x, IIS 3-6]) (Netcraft, 2006). Of these, older versions of the Internet Information Server are especially vulnerable to numerous attacks. Therefore, an attacker is in a position to break, with little effort, into many Web servers running IIS 4 or 5. However, the Apache Web server (running on Windows systems) is also vulnerable to similar attacks. Moreover, using a Web server based on UNIX or Linux is not a guarantee for a secure system. UNIX and Linux systems are also affected by inherent weaknesses and vulnerabilities such as buffer overflows and the handling of format strings (ZDNet, 2006). Readers who would like to have more general insight are referred to works by Leiss (1990) and Garfinkel and Spafford (2002). These books give broader perspectives on Internet security.

2010 ◽  
pp. 1862-1872
Author(s):  
Volker Hockmann ◽  
Heinz D. Knoell ◽  
Ernst L. Leiss



Author(s):  
Ibrahim Mahmood Ibrahim ◽  
Siddeeq Y. Ameen ◽  
Hajar Maseeh Yasin ◽  
Naaman Omar ◽  
Shakir Fattah Kak ◽  
...  

Today, web services have rapidly increased and are accessed by many users, leading to massive traffic on the Internet. Hence, the web server suffers from this problem, and it becomes challenging to manage the total traffic with growing users. It will be overloaded and show response time and bottleneck, so this massive traffic must be shared among several servers. Therefore, the load balancing technologies and server clusters are potent methods for dealing with server bottlenecks. Load balancing techniques distribute the load among servers in the cluster so that it balances all web servers. The motivation of this paper is to give an overview of the several load balancing techniques used to enhance the efficiency of web servers in terms of response time, throughput, and resource utilization. Different algorithms are addressed by researchers and get good results like the pending job, and IP hash algorithms achieve better performance.


Author(s):  
Gurpreet Singh

Abstract: E-commerce is a boom in the modern business. E-commerce means electronic commerce. E-commerce (Electronic commerce) involves buying and selling of goods and services, or the transmitting of funds or data, over an electronic network, predominantly the Internet. E-commerce (Electronic commerce) is a paradigm shift influencing both marketers and the customers. Rather, e-commerce is more than just another way to boost the existing business practices. It is leading a complete change in the traditional way of doing business. This significant change in business model is witnessing a tremendous growth around the globe and India is not an exception. A massive internet penetration has added to growth of E-commerce and more particularly start-ups have been increasingly using this option as a differentiating business model. Moreover, E-Commerce has significant influences on the environment. Although the model is highly used in the current business scenario, the option has not been explored to its fullest. The current research has been undertaken to describe the scenario of E-Commerce, analyze the trends of E-Commerce. The study further examines the key variables imperative for the success of E-commerce business models. Keywords: E-Commerce, Internet, Self-service, Technology, Internet banking.


2009 ◽  
pp. 366-379
Author(s):  
Jijun Lu ◽  
Swapna S. Gokhale

With the rapid development and widespread use of the Internet, Web servers have become a dominant source of information and services. The use of Web servers in business and critical application domains imposes stringent performance requirements on them. These performance requirements cast a direct influence on the choice of the configuration options of the hardware and the software infrastructure on which a Web server is deployed. In addition to the selection of configuration options, for a given level of load and a particular hardware and software configuration, it is necessary to estimate the performance of a Web server prior to deployment.


First Monday ◽  
1997 ◽  
Author(s):  
Jussara M. Almeida ◽  
Virgilio Almeida ◽  
David J. Yates

Server performance has become a crucial issue for improving the overall performance of the World-Wide Web. This paper describes WebMonitor, a tool for evaluating and understanding server performance, and presents new results for realistic workloads. WebMonitor measures activity and resource consumption, both within the kernel and in HTTP processes running in user space. WebMonitor is implemented using an efficient combination of sampling and event-driven techniques that exhibit low overhead. Our initial implementation is for the Apache World-Wide Web server running on the Linux operating system. We demonstrate the utility of WebMonitor by measuring and understanding the performance of a Pentium-based PC acting as a dedicated WWW server. Our workloads use file size distributions with a heavy tail. This captures the fact that Web servers must concurrently handle some requests for large audio and video files, and a large number of requests for small documents, containing text or images. Our results show that in a Web server saturated by client requests, up to 90% of the time spent handling HTTP requests is spent in the kernel. These results emphasize the important role of operating system implementation in determining Web server performance. It also suggests the need for new operating system implementations that are designed to perform well when running on Web servers.


Author(s):  
Ingrid Chilán González ◽  
Francisco Bolaños Burgos ◽  
Navira Angulo Murillo ◽  
Gabriel Rodolfo García Murillo

ANALYSIS OF RANSOMWARE ATTACKS ON WEB SERVERS, LINUX AND WINDOWS

ABSTRACT: The present work performs a bibliographic review of ransomware attacks on Web servers based on Linux and Windows operating systems. To that end, a comparative vulnerability analysis of the JBoss application servers, Apache and the Redis database structure was carried out. The results show that the most frequent attacks are directed at hospitals, taking into account that cybercriminals usually request between $200 and $500 to restore the files; in the case of the SamSam ransomware for Windows, the attacker intervenes in the organization's network via SSH and authenticates to the JBoss server. The study concludes with an analysis matrix of ransomware attacks from several families (CTB-Locker, SamSam, CryptoWall 4.0, Linux.Encoder and FairWare) and a list of early-warning tools against ransomware attacks, given that they encrypt the directories of Web sites; it therefore allows future work on new types of ransomware to be proposed by means of simulation tools.

KEYWORDS: Ransomware; Web Server; Linux; Windows.


2012 ◽  
Vol 18 (5) ◽  
pp. 243-246 ◽  
Author(s):  
Steven Coates ◽  
Anne Clarke ◽  
Geoffrey Davison ◽  
Victor Patterson

Clinical neurophysiology is the medical specialty in the UK responsible for training doctors in the interpretation of electroencephalograms (EEGs). At present it is difficult to recruit doctors to train in clinical neurophysiology which causes difficulty in delivering services. We established a tele-EEG service to record and report on EEGs at a UK hospital which was unable to attract a resident clinical neurophysiologist. The EEGs were recorded in digital format and placed on a web server to be read by a clinical neurophysiologist in another part of the UK. Where possible this was done using NHS web servers and email, but a back-up system was established using other systems with suitable encryption. A total of 1007 EEGs were reported in 13 months from patients of all ages, epilepsy being the commonest reason for referral. All cases were reported within 24 h of recording. The back-up system was used in 60 cases. Tele-EEG is a feasible, secure, timely and effective method of providing an EEG service to hospitals which cannot recruit a resident clinical neurophysiologist.


2014 ◽  
Vol 687-691 ◽  
pp. 4811-4814
Author(s):  
Kang Shao ◽  
Xiao Meng Liu ◽  
Kun Wang

With the advent of the era of economic globalization and Internet information and the emergence of this emerging industry, e-commerce for modern business provides a completely new business platform, which has played a tremendous economic significance in promoting the potential engine of global growth for small and medium-sized enterprise's survival and development. The paper analyzed the current developing model and innovation of electronic commerce in our country’s small and medium-sized enterprises.


Author(s):  
Kadiyala Ramana ◽  
M. Ponnavaikko

With the rising popularity of web-based applications, the primary and consistent resource in the infrastructure of World Wide Web are cluster-based web servers. Overtly in dynamic contents and database driven applications, especially at heavy load circumstances, the performance handling of clusters is a solemn task. Without using efficient mechanisms, an overloaded web server cannot provide great performance. In clusters, this overloaded condition can be avoided using load balancing mechanisms by sharing the load among available web servers. The existing load balancing mechanisms which were intended to handle static contents will grieve from substantial performance deprivation under database-driven and dynamic contents. The most serviceable load balancing approaches are Web Server Queuing (WSQ), Server Content based Queue (QSC) and Remaining Capacity (RC) under specific conditions to provide better results. By considering this, we have proposed an approximated web server Queuing mechanism for web server clusters and also proposed an analytical model for calculating the load of a web server. The requests are classified based on the service time and keep tracking the number of outstanding requests at each web server to achieve better performance. The approximated load of each web server is used for load balancing. The investigational results illustrate the effectiveness of the proposed mechanism by improving the mean response time, throughput and drop rate of the server cluster.

