Apache Security: Chapter 5. Denial of Service Attacks Report 2022
Added on 2022-09-01
30 Pages5305 Words30 Views
Course Work 2 - Network Operating Systems Services
Abstract
A report on Apache as the chosen security attack is presented. This intends to evaluate depending
on its operations, settings, techniques, security threats etc. This report trues to propose important
mechanisms and solutions for meeting the necessary service. Moreover, it investigates Apache
networking operating system service with the help of Ubuntu, appropriate mechanisms and
protocols. Various papers are reviewed to know the results of the practical experiments and
makes sure to set up and configure the required tools for delivering the services. The report
outlines the findings and associated threats. Additionally, it determines the possible security
problems which must be identified in an OS, and their countermeasures. Assessment and
reviewing of the system architecture is completed, with results and proper justifications to have a
secure and reliable.
A report on Apache as the chosen security attack is presented. This intends to evaluate depending
on its operations, settings, techniques, security threats etc. This report trues to propose important
mechanisms and solutions for meeting the necessary service. Moreover, it investigates Apache
networking operating system service with the help of Ubuntu, appropriate mechanisms and
protocols. Various papers are reviewed to know the results of the practical experiments and
makes sure to set up and configure the required tools for delivering the services. The report
outlines the findings and associated threats. Additionally, it determines the possible security
problems which must be identified in an OS, and their countermeasures. Assessment and
reviewing of the system architecture is completed, with results and proper justifications to have a
secure and reliable.
Table of Contents
1. Introduction..............................................................................................................................1
2. Background Information..........................................................................................................1
2.1 Scope.................................................................................................................................2
2.2 Limitation..........................................................................................................................3
3. Literature Review....................................................................................................................3
3.1 Overview...........................................................................................................................3
3.2 Summary...........................................................................................................................4
4. Architectural Diagram.............................................................................................................5
5. Experimental Work and Analysis............................................................................................6
5.1 Operation and Installation of Apache Server....................................................................6
5.2 Security issues and Countermeasures.............................................................................21
6. Evaluation and Reflection......................................................................................................23
6.1 Justification of Security of the Services and Systems.....................................................23
6.2 Recommendation............................................................................................................24
6.3 Development of Protocol and Future Advancement.......................................................24
6.4 Impact on other OS services and OS stability.................................................................25
7. Conclusion.............................................................................................................................25
References......................................................................................................................................26
1. Introduction..............................................................................................................................1
2. Background Information..........................................................................................................1
2.1 Scope.................................................................................................................................2
2.2 Limitation..........................................................................................................................3
3. Literature Review....................................................................................................................3
3.1 Overview...........................................................................................................................3
3.2 Summary...........................................................................................................................4
4. Architectural Diagram.............................................................................................................5
5. Experimental Work and Analysis............................................................................................6
5.1 Operation and Installation of Apache Server....................................................................6
5.2 Security issues and Countermeasures.............................................................................21
6. Evaluation and Reflection......................................................................................................23
6.1 Justification of Security of the Services and Systems.....................................................23
6.2 Recommendation............................................................................................................24
6.3 Development of Protocol and Future Advancement.......................................................24
6.4 Impact on other OS services and OS stability.................................................................25
7. Conclusion.............................................................................................................................25
References......................................................................................................................................26
1. Introduction
Apache HTTP server is referred as a software, which functions in the background under
an appropriate OS (operating system) that supports multi-tasking. Additionally, it facilitates
service to other applications which connects with it like client web browsers (Eager and Lister,
2016). Initially, it was designed for the Linux/Unix Oss, however it was gradually adapted by
other systems like Mac and Windows (Eftaiha, 2020).
Investigating a networking operating system service from the given network OS services
is the aim of this project, where the Apache networking operating system service is selected for
investigation. Ubuntu, associated mechanisms and protocols will be used for the investigation.
The objectives are listed below:
Practical experiments and sets up and configuring for the necessary tools to
deliver the services.
Study the selected network operating system service’s history and current OS
service domain.
Scope and limitations of the networking OS services
Architecture of client server
Associated services and protocols
Security suggestion for OS and services
Rational to select virtualization technology
Apache domain setting up and configuration for delivering OS service
Reflection and evaluation
2. Background Information
The term web server denotes a machine (PC or hardware), or a software which gets many
requests and sends the responses. By default the web server is supposed to accept the clients’
requests and in return send relative responses (Grant and Bull, 2012). A web server obtains a
URL, then it is translated to its respective filename (i.e., for the static requests), and sends that
file back via internet from the local disk, or it translates it to a program name (i.e., for the
dynamic requests), then execution takes place, and the program’s output is sent back via internet
to a requesting party. In case where the web server fails to process and finish the request. Then, it
sends an error message (Grant, 2010).
1
Apache HTTP server is referred as a software, which functions in the background under
an appropriate OS (operating system) that supports multi-tasking. Additionally, it facilitates
service to other applications which connects with it like client web browsers (Eager and Lister,
2016). Initially, it was designed for the Linux/Unix Oss, however it was gradually adapted by
other systems like Mac and Windows (Eftaiha, 2020).
Investigating a networking operating system service from the given network OS services
is the aim of this project, where the Apache networking operating system service is selected for
investigation. Ubuntu, associated mechanisms and protocols will be used for the investigation.
The objectives are listed below:
Practical experiments and sets up and configuring for the necessary tools to
deliver the services.
Study the selected network operating system service’s history and current OS
service domain.
Scope and limitations of the networking OS services
Architecture of client server
Associated services and protocols
Security suggestion for OS and services
Rational to select virtualization technology
Apache domain setting up and configuration for delivering OS service
Reflection and evaluation
2. Background Information
The term web server denotes a machine (PC or hardware), or a software which gets many
requests and sends the responses. By default the web server is supposed to accept the clients’
requests and in return send relative responses (Grant and Bull, 2012). A web server obtains a
URL, then it is translated to its respective filename (i.e., for the static requests), and sends that
file back via internet from the local disk, or it translates it to a program name (i.e., for the
dynamic requests), then execution takes place, and the program’s output is sent back via internet
to a requesting party. In case where the web server fails to process and finish the request. Then, it
sends an error message (Grant, 2010).
1
It is a known fact that Apache is a most widely-known web server that is present today.
Then, comes the Microsoft's IIS. The following reasons clarify the reason for its popularity
(Sumo Logic, 2020):
It can be downloaded for free and installed.
Being an open source, its source code can be seen by all, and allows anyone who
challenges to make adjustment to the code, to optimize it, resolve the errors and
security holes. Thus, it is possible to write and include new features, along with
new modules.
It suits all the requirements, because Apache could be utilized in small to large
websites and serve millions of regular visitors. It also serves static as well as
dynamic content.
Henceforth, Apache has a basic and original core which contains less features. It gets its
power from the additional functionality introduced via various modules which the programmers
write, and these programs are installed for increasing the capabilities of the server. For adding a
new module, it is just required to install it and the Apache server must be restarted. Any
unwanted functionalities could be discarded easily, and it is considered as a good practice
because it helps to keep the server light and small, which helps to start faster, allows less usage
of system memory and resources, and ensures a server to be least susceptible to the security
holes. Even the third party modules are supported by an Apache server, and few are included as
the permanent features in Apache 2. It is clear that the Apache server can easily integrate with
the other open source applications like MySQL and PHP, which makes it highly powerful.
2.1 Scope
This project has huge scope as it investigates and performs experiments on Apache
attacks and Apache networking OS service. This study’s analysis guarantees to provide effective
findings that can help to improve system services.
2.2 Limitation
A well-known and might web server like Apache offers various benefits, however it
contains some drawbacks such as follows (Apachebooster.com, 2017):
It is a process based server.
2
Then, comes the Microsoft's IIS. The following reasons clarify the reason for its popularity
(Sumo Logic, 2020):
It can be downloaded for free and installed.
Being an open source, its source code can be seen by all, and allows anyone who
challenges to make adjustment to the code, to optimize it, resolve the errors and
security holes. Thus, it is possible to write and include new features, along with
new modules.
It suits all the requirements, because Apache could be utilized in small to large
websites and serve millions of regular visitors. It also serves static as well as
dynamic content.
Henceforth, Apache has a basic and original core which contains less features. It gets its
power from the additional functionality introduced via various modules which the programmers
write, and these programs are installed for increasing the capabilities of the server. For adding a
new module, it is just required to install it and the Apache server must be restarted. Any
unwanted functionalities could be discarded easily, and it is considered as a good practice
because it helps to keep the server light and small, which helps to start faster, allows less usage
of system memory and resources, and ensures a server to be least susceptible to the security
holes. Even the third party modules are supported by an Apache server, and few are included as
the permanent features in Apache 2. It is clear that the Apache server can easily integrate with
the other open source applications like MySQL and PHP, which makes it highly powerful.
2.1 Scope
This project has huge scope as it investigates and performs experiments on Apache
attacks and Apache networking OS service. This study’s analysis guarantees to provide effective
findings that can help to improve system services.
2.2 Limitation
A well-known and might web server like Apache offers various benefits, however it
contains some drawbacks such as follows (Apachebooster.com, 2017):
It is a process based server.
2
Its biggest concern is security, because it allows configuration changes by an
individual which can lead to security issue.
Loss of permission.
When a personalized protocol is created it allows the creation of new bugs, so it
increases the need of debuggers.
It needs strict updating policy, which must be followed daily.
It fails to identify and disable unwanted services and modules, if not dealt can
becomes serious threats.
3. Literature Review
3.1 Overview
When a web application is deployed, how it is accessed by the end users is not
understood by many, this section gives a glimpse of this concept. The web applications sets a
gateway device from which the users are granted access. Apache Web Server is the popular
product that acts as Linux’s application gateway. Though, it could function like a normal web
server, it even contains the capability of connecting it via various other web servers. The
integration of a web application into Apache needs integration of HTTP protocol functionality,
customization of content for effectively decide and reuse the pieces of configuration. Thus, a
clear understanding of these functionalities, the required tools can be used to increase the
usability of the web application.
As per (Vokorokos, Baláž and Adam, 2015), the major goals of the OS includes the
effective utilization of system resources and its management. There are modern systems which
provide complicated mechanisms to manage the resources. The system use might be divided into
various layers, where the OS kernel is the least layer and the highest layer contains several
virtualization techniques. The middle layer contains the applications which consume the system
resources and the best example for such an application includes, Apache web server. The
researchers intended to study on creating highly effective resource management mechanism at
Apache web server level. It also facilitates a proposed architecture which treats the possible
security threats like Denial of Service (DoS) attacks. The Apache web server is selected for this
3
individual which can lead to security issue.
Loss of permission.
When a personalized protocol is created it allows the creation of new bugs, so it
increases the need of debuggers.
It needs strict updating policy, which must be followed daily.
It fails to identify and disable unwanted services and modules, if not dealt can
becomes serious threats.
3. Literature Review
3.1 Overview
When a web application is deployed, how it is accessed by the end users is not
understood by many, this section gives a glimpse of this concept. The web applications sets a
gateway device from which the users are granted access. Apache Web Server is the popular
product that acts as Linux’s application gateway. Though, it could function like a normal web
server, it even contains the capability of connecting it via various other web servers. The
integration of a web application into Apache needs integration of HTTP protocol functionality,
customization of content for effectively decide and reuse the pieces of configuration. Thus, a
clear understanding of these functionalities, the required tools can be used to increase the
usability of the web application.
As per (Vokorokos, Baláž and Adam, 2015), the major goals of the OS includes the
effective utilization of system resources and its management. There are modern systems which
provide complicated mechanisms to manage the resources. The system use might be divided into
various layers, where the OS kernel is the least layer and the highest layer contains several
virtualization techniques. The middle layer contains the applications which consume the system
resources and the best example for such an application includes, Apache web server. The
researchers intended to study on creating highly effective resource management mechanism at
Apache web server level. It also facilitates a proposed architecture which treats the possible
security threats like Denial of Service (DoS) attacks. The Apache web server is selected for this
3
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Managing Services and Securitylg...
|19
|1665
|145
INFRASTRUCTURE FOR DEPLOYING A WEBSITE.lg...
|3
|467
|1
Networking and Security - Application, Internet, and Physical Layerlg...
|5
|1001
|106
Network System Administration | Reportlg...
|59
|3164
|15
Managing Services and Securitylg...
|16
|1893
|489
Firewallslg...
|17
|1394
|368