SYSTEM&WEB HACKING: Identify Countermeasures against Webserver Attacks

Monday, August 29, 2011

Identify Countermeasures against Webserver Attacks

A web server administrator can do many things to harden a server (increase its security). The following are ways to increase the security of the web server:

Rename the administrator account, and use a strong password. To rename the administrator account in Windows, open the User Manager, right-click the Administrator account, and select Rename.

Disable default websites and FTP sites. The process to disable default websites was described earlier in this chapter: right-click the default website in IIS Manager and choose Stop. The same process works for the default FTP site.

Remove unused applications from the server, such as WebDAV. Unnecessary applications can be removed on a server by using Add/Remove Programs in the Windows Control Panel.

Disable directory browsing in the web server’s configuration settings.

Add a legal notice to the site to make potential attackers aware of the implications of hacking the site.


Apply the most current patches, hotfixes, and service packs to the operating system and web server software.

Perform bounds checking on input for web forms and query strings to prevent buffer overflow or malicious input attacks.
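The bounds check above is easy to state and easy to get wrong, so here is an added example of what it looks like in practice (this is not code from the original post). It is a PowerShell filter that applies a maximum request size, a per-field maximum length and a per-field allowlist pattern to the parameters of a form or query string, and rejects fields the application never defined. The field names, limits, regexes and the two sample requests are all constructed for the example.

```powershell
# Added example, not from the original post. Field names, limits and sample
# requests below are constructed; adjust the rules to the application's forms.

$FieldRules = @{
    # name   = @{ Max = maximum length; Pattern = allowlist regex for the whole value }
    username = @{ Max = 32;  Pattern = '^[A-Za-z0-9_.-]+$' }
    email    = @{ Max = 254; Pattern = '^[^@\s]+@[^@\s]+\.[^@\s]+$' }
    page     = @{ Max = 4;   Pattern = '^\d+$' }
}

function Test-WebInput {
    param(
        [Parameter(Mandatory)] [hashtable] $Params,   # decoded form/query-string fields
        [hashtable] $Rules = $FieldRules,
        [int] $MaxTotalBytes = 4096                    # overall size ceiling for the request
    )
    $errors = @()

    # Check the overall size first so an oversized request is rejected before any
    # field is inspected; this is the bounds check that stops buffer-style attacks.
    $total = ($Params.GetEnumerator() |
        ForEach-Object { [Text.Encoding]::UTF8.GetByteCount([string]$_.Key + [string]$_.Value) } |
        Measure-Object -Sum).Sum
    if ($total -gt $MaxTotalBytes) { $errors += "request too large ($total bytes)" }

    foreach ($entry in $Params.GetEnumerator()) {
        $name  = $entry.Key
        $value = [string]$entry.Value

        # Unknown fields are rejected rather than silently passed through.
        if (-not $Rules.ContainsKey($name)) { $errors += "unexpected field '$name'"; continue }
        $rule = $Rules[$name]

        # Length bound per field, then an allowlist of permitted characters/format.
        if ($value.Length -gt $rule.Max) { $errors += "'$name' exceeds $($rule.Max) characters"; continue }
        if ($value -notmatch $rule.Pattern) { $errors += "'$name' contains characters outside the allowlist" }
    }

    [pscustomobject]@{ Valid = ($errors.Count -eq 0); Errors = $errors }
}

# Constructed sample requests: one well-formed, one with an overlong field,
# a non-numeric page value and a field the application does not define.
$good = @{ username = 'alice_01'; email = 'alice@example.com'; page = '2' }
$bad  = @{ username = ('A' * 500); email = 'alice@example.com'; page = "1' OR '1'='1"; debug = 'true' }

Test-WebInput -Params $good
Test-WebInput -Params $bad
```

Run in a PowerShell session the first call returns `Valid = True` with an empty error list; the second returns `Valid = False` with one error per offending field. The design point is the order of checks: size, then field existence, then length, then pattern, so that the cheapest rejection happens first and a value is only pattern-matched once it is known to be short.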

Disable remote administration.

Use a script to map unused file extensions to a 404 (“File not found”) error message.

Enable auditing and logging.

Use a firewall between the web server and the Internet and allow only necessary ports (such as 80 and 443) through the firewall.

Use the POST method rather than GET when sending data to a web server.
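Most of the countermeasures above are described as clicks in User Manager, IIS Manager and Control Panel. The following added example (not code from the original post) does the same work as a script on a Windows Server running IIS, so it can be repeated on every server and reviewed. It assumes the IIS role with its management scripts is installed (the WebAdministration and ServerManager modules), a Windows version that ships the LocalAccounts cmdlets, that the default site names are unchanged, and it uses the placeholder account name `srv-admin` and a constructed list of allowed file extensions. For the "map unused extensions to a 404" item it uses IIS request filtering, which returns 404 for unlisted extensions, in place of a custom script.

```powershell
#Requires -RunAsAdministrator
# Added example, not from the original post. Assumes IIS with the WebAdministration
# module, the ServerManager module and the LocalAccounts cmdlets. 'srv-admin' and
# the allowed-extension list are placeholders to be replaced for a real server.

Import-Module WebAdministration
Import-Module ServerManager

$AppHost = 'MACHINE/WEBROOT/APPHOST'   # server-wide applicationHost.config

# 1. Rename the built-in Administrator account and set a strong password.
if (Get-LocalUser -Name 'Administrator' -ErrorAction SilentlyContinue) {
    Rename-LocalUser -Name 'Administrator' -NewName 'srv-admin'
    Set-LocalUser -Name 'srv-admin' -Password (Read-Host -AsSecureString 'New password for srv-admin')
}

# 2. Stop the default web site and default FTP site and keep them from auto-starting.
foreach ($site in 'Default Web Site', 'Default FTP Site') {
    if (Test-Path "IIS:\Sites\$site") {
        Stop-Website -Name $site
        Set-ItemProperty "IIS:\Sites\$site" -Name serverAutoStart -Value $false
    }
}

# 3. Remove WebDAV publishing if it is installed.
if ((Get-WindowsFeature -Name Web-DAV-Publishing).Installed) {
    Uninstall-WindowsFeature -Name Web-DAV-Publishing
}

# 4. Disable directory browsing server-wide.
Set-WebConfigurationProperty -PSPath $AppHost -Filter '/system.webServer/directoryBrowse' `
    -Name 'enabled' -Value $false

# 5. Answer 404 for any file extension not explicitly allowed (request filtering).
$ext = '/system.webServer/security/requestFiltering/fileExtensions'
Set-WebConfigurationProperty -PSPath $AppHost -Filter $ext -Name 'allowUnlisted' -Value $false
foreach ($allowed in '.html', '.css', '.js', '.png', '.aspx') {   # constructed allowlist
    $existing = Get-WebConfigurationProperty -PSPath $AppHost -Filter "$ext/add[@fileExtension='$allowed']" `
        -Name 'allowed' -ErrorAction SilentlyContinue
    if (-not $existing) {
        Add-WebConfigurationProperty -PSPath $AppHost -Filter $ext -Name '.' `
            -Value @{ fileExtension = $allowed; allowed = $true }
    }
}

# 6. Disable remote administration (the IIS Web Management Service) if present.
if (Get-Service -Name WMSVC -ErrorAction SilentlyContinue) {
    Stop-Service -Name WMSVC
    Set-Service -Name WMSVC -StartupType Disabled
}

# 7. Turn on IIS request logging for all sites and Windows logon auditing.
Set-WebConfigurationProperty -PSPath $AppHost -Filter '/system.applicationHost/sites/siteDefaults/logFile' `
    -Name 'enabled' -Value $true
auditpol /set /subcategory:"Logon" /success:enable /failure:enable | Out-Null

# 8. Block inbound traffic by default and allow only HTTP and HTTPS.
Set-NetFirewallProfile -Profile Domain,Private,Public -DefaultInboundAction Block
New-NetFirewallRule -DisplayName 'Allow HTTP/HTTPS inbound' -Direction Inbound `
    -Protocol TCP -LocalPort 80,443 -Action Allow | Out-Null

# Read back the settings that are easy to verify, so the run can be checked.
[pscustomobject]@{
    DirectoryBrowsing  = (Get-WebConfigurationProperty -PSPath $AppHost -Filter '/system.webServer/directoryBrowse' -Name 'enabled').Value
    UnlistedExtAllowed = (Get-WebConfigurationProperty -PSPath $AppHost -Filter $ext -Name 'allowUnlisted').Value
    WebDAVInstalled    = (Get-WindowsFeature -Name Web-DAV-Publishing).Installed
    WMSVCStartup       = (Get-Service -Name WMSVC -ErrorAction SilentlyContinue).StartType
}
```

Run it once in an elevated PowerShell session on the web server; the final object should show directory browsing off, unlisted extensions disallowed, WebDAV absent and the management service disabled. The legal-notice banner and patching items are left out because the first is content on the site itself and the second is a Windows Update or WSUS policy rather than a per-server setting.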
