Threats of Server Security: Presented By, Reshmi.J URK19ISD011


THREATS OF SERVER SECURITY

PRESENTED BY,
RESHMI.J
URK19ISD011
9 SERVER SECURITY THREATS
• It is easy to get a server. Anyone can set up a machine in his
basement and start publishing websites. Furthermore, most web
hosting companies offer leased servers and virtual private
servers at affordable prices. All of this means that someone with
absolutely no experience can start a server, publish websites, or
even host other people’s sites.
• Fortunately, there are plenty of forums and online
documentation to help newbie system administrators get
started. If you happen to be one of them or even if you are not,
there are several security threats to Internet-connected servers that
you should be aware of and know how to prevent and mitigate.
These 10 threats are common ones that attackers like to use to
either gain access to your server or bring it to its knees.
Brute Force Attack

• In a brute force attack, the intruder attempts to
gain access to a server by guessing a user's
password (usually the root administrator's)
through the SSH server, Mail server, or other
service running on your system. The attacker
will normally use software that will check every
possible combination to find the one that works.
Brute force detection software will alert you
when multiple failed attempts to gain access
are in progress and disable access from the
offending IP address.
Open Relay
• A Mail Transfer Agent (MTA) normally uses an
SMTP server to send email from your server’s
users to people around the world. With an open
relay, anyone can use your SMTP server, including
spammers. Not only is it bad to give access to
people who send spam, it could very well get your
server placed on a DNS blacklist that some ISPs
will use to block mail from your IP. It is very easy
to close an open relay. Just follow the
documentation for your MTA.
Botnet

• Attackers use botnets to automatically run and
distribute malicious software on “agent”
servers. They then use the agent machines to
attack or infect others. Because all of this can
be done automatically without user
intervention, botnets can spread very quickly
and be deadly for large networks. They are
commonly used in DDoS attacks and spam
campaigns.
DoS

• DoS stands for Denial of Service, and is a technique
attackers will use to effectively shut off access to
your site. They accomplish this by increasing traffic on
your site so much that the victim’s server becomes
unresponsive. While some DoS attacks come from
single attackers, others are coordinated and are called
Distributed Denial of Service (DDoS) attacks. Oftentimes,
the users of computers executing a DDoS do not
even know their computers are being used as agents.
Cross-site Scripting

• Cross-site scripting or XSS is a technique that makes
use of vulnerabilities in web applications. According
to UK dedicated hosting server specialists at
34SP.com, the vulnerability allows the attacker to
inject code in a server-side script that they will use
to execute malicious client-side scripts or gather
sensitive data from the user. You can fix most XSS
problems by using scanner software to detect
vulnerabilities and then fix whatever you find.
SQL Injection

• Like XSS, SQL injection requires a vulnerability
to be present in the database associated with a
web application. The malicious code is inserted
into strings that are later passed to the SQL
server, parsed, and executed. As with other
vulnerability-dependent attacks, you can prevent
it by scanning for problem code and fixing it.
Malware

• Malware can take many forms, but as the name
implies, it is malicious software. It can take the form
of viruses, bots, spyware, worms, trojans, rootkits,
and any other software intended to cause harm. In
most cases, malware is installed without the user’s
direct consent. It may attack the user’s computer
and/or attack other computers through the user’s own
system. Having proper firewall and security software
protection can usually prevent malware from
spreading.
Unpatched Software

• Most threats to a server can be prevented
simply by having up-to-date, properly-patched
software. All server operating
system vendors and distributions publish
security updates. By installing them on
your system in a timely manner, you
prevent attackers from using your server’s
own vulnerabilities against it.
Careless Users

• The number one, most prevalent threat to a
server’s security is user carelessness. If you or
your users have passwords that are easy to guess,
poorly written code, unpatched software, or a
lack of security measures like anti-virus
software, you are just asking for trouble. By
enforcing strong security practices and secure
authentication, you can lessen or even eliminate
most threats.
