Solution : Modify the Default Header
#define SERVER_BASEPRODUCT "Apache" -> #define SERVER_BASEPRODUCT "Koolweb"
#define SERVER_BASEREVISION "1.3.20" -> #define SERVER_BASEREVISION "3.7.1"
Compile and install
add ServerTokens Min to httpd.conf
2. Protecting Web Data with IP Restrictions
Solution(1) : Protecting Web Data with IP Restrictions
(Not Suitable : Reason - All users on the Internet must be allowed to access)
Add "Deny from All"
Add "Allow from 192.168.1.100"
Add "Allow from 192.168.1.101" in httpd.conf
Current -> "Allow from All"
Solution(2) : Use HTTP Authentication to restrict users' access to a particular directory
(Not Suitable : Reason - No password required for external users to access)
3. Snooping an HTTP Authentication Username/Password
Solution : Use Secure HTTP Connections
(Not Suitable : Reason - No password required for external users to access)
4. Allowing ".." in the URL(a.k.a. the Double-Dot)
Solution : Use Apache Web Server
(We are already using Apache!!!!)
5. Dangerous Symbolic Links
Solution : Securely Configure Symbolic Links
Add
Options FollowSymLinks -> Options SymLinksIfOwnerMatch
AllowOverride None
Current -> no symbolic links in "DocumentRoot /usr/local/apache/firstpage"
6. Obtaining Directory Contents
Solution : Preventing Directory Indexes
Remove all Indexes from all Option directives in httpd.conf
7. "Security Through Obscurity" Is Neither
Solution : Don't Rely on Security Through Obscurity
Don't put information that you don't want the world to access in the "PUBLIC AREA",
even if you haven't created any hyperlink to "THEM"
8. Insecure CGI Configuration
Solution(1) : Restricting CGI to Certain Directories
Add ScriptAlias /cgi-bin/ "/usr/local/apache/cgi-bin/" in httpd.conf
Current -> It is already in httpd.conf
Solution(2) : Do Not Allow CGI Execution Based on File Name
Comment AddHandler cgi-script .cgi in httpd.conf
Current -> It is already commented out
9. Executing Older Versions of CGIs
Solution(1) : Restrict Access to files Based on Name
Add this in httpd.conf
Order allow,deny
Deny from all
Solution(2) : Don't Keep Old Copies of CGIs or any old version programs
Comment -> We should better choose this, but I think we should move the old version programs
to inaccessible directories (from outside) or to another server, since we may need those
old programs for reference.
10. Insecure CGIs Affecting Other Web Sites
Solution : Run CGIs as Different Users -> Using suEXEC to do so
Current -> No Virtual Hosts is currently set
(Not Suitable - suEXEC requires setuid and setgid, but these two are not available in SuSE)
11. Attacking Poorly Configured HTTP Authentication
Solution(1) : Secure Use of .htaccess Files for HTTP Authentication
Add AllowOverride AuthConfig in httpd.conf
Add AccessFileName .htaccess
Current -> AllowOverride None
Current -> AccessFileName .htaccess
If we want to do so, a "Files" block protecting the .htaccess file must also be set with
Order allow,deny
Deny from all
(Not Suitable : Reason - No password required for external users to access)
Solution(2) : Secure Use of httpd.conf for HTTP Authentication
Add this in httpd.conf
AuthType Basic
AuthName "My Private Directory"
AuthUserFile /usr/local/apache/misc/my_private_dir.htpasswd
require valid-user
(Not Suitable : Reason - No password required for external users to access)
12. Exploiting Default Configuration Problems
Solution(1) : Remove Online Manuals
Current -> No Online Manual
Solution(2) : Remove Default Welcome Pages
Solution(3) : Remove CGI Execution Based on File Name
Solution(4) : Securely Configuring Parsed HTML Files
comment out the following:
AddType text/html .shtml
AddHandler server-parsed .shtml
Current -> They are already commented out
Solution(5) : Securely Configuring the Displaying of Server Status and Information
comment out the following:
SetHandler server-status
Order deny,allow
Deny from all
Allow from .your_domain.com
Current -> They are already commented out
Solution(6) : Configuring public_html Directories
Turn off if not necessary
Current -> Turn off
13. Exploiting Default Proxy Configuration
Solution : Securing Proxy Server Directives
(Since we are not using the Web Server as HTTP Proxy, we should turn them off)
Current -> Turn off
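The checklist items above on ServerTokens (1), symbolic links (5), directory indexes (6), CGI by file name (8), parsed HTML and public_html (12) and the proxy directives (13) are all things you can verify mechanically in httpd.conf. The following is an added example, not part of the original checklist and not an Apache tool: a small Python audit that scans a constructed httpd.conf excerpt (the sample text, directive values and messages are my own) and reports the weak settings the checklist tells us to change. It skips commented-out lines, since a commented directive is inert, which is exactly the "already commented out" state the checklist records.

```python
import re

# Constructed httpd.conf excerpt for the example (not a real server's file).
# It deliberately contains several weak settings alongside a few safe lines.
SAMPLE_HTTPD_CONF = """\
ServerTokens Full
DocumentRoot "/usr/local/apache/firstpage"
<Directory "/usr/local/apache/firstpage">
    Options Indexes FollowSymLinks
    AllowOverride None
</Directory>
ScriptAlias /cgi-bin/ "/usr/local/apache/cgi-bin/"
AddHandler cgi-script .cgi
#AddHandler server-parsed .shtml
#AddType text/html .shtml
UserDir public_html
ProxyRequests On
"""

# Each rule: (regex applied to an uncommented, stripped line, finding text).
RULES = [
    (re.compile(r"^Options\b.*\bIndexes\b", re.I),
     "Indexes enabled: directory listings expose file names (remove Indexes)"),
    (re.compile(r"^Options\b.*\bFollowSymLinks\b", re.I),
     "FollowSymLinks enabled: use SymLinksIfOwnerMatch or drop it"),
    (re.compile(r"^AddHandler\s+cgi-script\b", re.I),
     "CGI execution by file extension: comment out, rely on ScriptAlias only"),
    (re.compile(r"^AddHandler\s+server-parsed\b", re.I),
     "Server-parsed HTML (SSI) enabled: comment out unless required"),
    (re.compile(r"^ProxyRequests\s+On\b", re.I),
     "Forward proxy enabled: set ProxyRequests Off if this is not a proxy"),
    (re.compile(r"^UserDir\s+(?!disabled\b)\S", re.I),
     "public_html directories enabled: set UserDir disabled if not needed"),
]

# Values of ServerTokens that hide the version details the checklist worries about.
SAFE_SERVER_TOKENS = ("min", "minimal", "prod", "productonly")


def audit_httpd_conf(text):
    """Return a list of (line_number, line, finding) for weak settings.

    line_number 0 is used for findings about a directive that is missing
    from the file altogether (ServerTokens not set at all)."""
    findings = []
    server_tokens = None
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # commented-out directives do nothing
        m = re.match(r"^ServerTokens\s+(\S+)", line, re.I)
        if m:
            server_tokens = m.group(1)
        for pattern, message in RULES:
            if pattern.search(line):
                findings.append((lineno, line, message))
    if server_tokens is None or server_tokens.lower() not in SAFE_SERVER_TOKENS:
        findings.append((0, "ServerTokens %s" % (server_tokens or "(missing)"),
                         "ServerTokens should be Min (or Prod) to hide version details"))
    return findings


if __name__ == "__main__":
    for lineno, line, message in audit_httpd_conf(SAMPLE_HTTPD_CONF):
        print("line %d: %s\n    %s" % (lineno, line, message))
```

Run it against a real httpd.conf by reading the file into `audit_httpd_conf`; an empty result means none of the listed weak settings is active. The rules are deliberately line-based and do not understand `<Directory>` or `<VirtualHost>` scoping, so treat a hit as something to look at rather than proof the setting applies to the directory you care about.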
CGI Problems
14. Exploiting Pre-Shipped and Downloadable CGIs
Solution : Delete Unnecessary CGI Program in cgi-bin
15. Assuming Input Fields Received Are the Only Ones Expected
Solution : Always Check Fields Received
16. Exploiting Trust in Hidden Fields
Solution : Use MD5 to Validate Hidden Fields
17. Exploiting Trust in the Length of User Input
Solution : Always Check the Length of Data
18. Exploiting Trust in Referer Headers
Solution : Don't Rely on Referer Headers
19. Exploiting Trust in Cookies
Solution(1) : Don't Rely on Cookies -> Check data from cookies
Solution(2) : Use SSL When Using Cookies
20. Exploiting Trust in File Name Characters
Solution(1) : Open Files in Explicit Read Mode
Solution(2) : Verify the Characters in the File Name -> Don't Allow Special Characters
21. Posted Input Contains a Null Character
Solution : Verify the Characters in the Input -> Accept only expected characters
22. Abusing JavaScript Preprocessing
Solution : Never Assume Preprocessing -> Check format of data(Modify if necessary)
23. Exploiting System Calls and Pipes
Solution(1) : Never Trust Form Input as Arguments for System Calls and Pipes -> check input with no special characters
Solution(2) : Execute system() As a List -> Separate the input into a list (divide it into pieces)
Solution(3) : Use fork() and exec() ->
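Items 20, 21 and 23 are one theme: data from the form decides which file is opened or which command is run, so the CGI must allow-list the characters it accepts (no NUL, no path separators, no shell metacharacters), open files in an explicit read mode, and hand arguments to the operating system as a list rather than a shell string. The following is an added example, not code from the original checklist, written in Python (the checklist's list-form system() and fork()/exec() advice is the Perl idiom; `subprocess.run` with a list and `shell=False` is the Python equivalent). The base directory, allow-list patterns and the `grep` command are assumptions for the example.

```python
import os
import re
import shutil
import subprocess
import tempfile

# Constructed data directory for the example; a real CGI uses its own
# directory outside DocumentRoot.
BASE_DIR = tempfile.gettempdir()

# Allow-lists: accept only what we expect instead of trying to escape what we
# fear. NUL, '/', '..', ';', '|', '`' and whitespace all fail these patterns.
FILENAME_RE = re.compile(r"^[A-Za-z0-9_-]+(\.[A-Za-z0-9]+)?$")
WORD_RE = re.compile(r"^[A-Za-z0-9_-]{1,64}$")


def check_filename(name):
    """Return name if it is a bare file name from the allow-list; else raise."""
    if "\0" in name:
        raise ValueError("NUL byte in file name")
    if not FILENAME_RE.match(name):
        raise ValueError("file name contains characters outside the allow-list")
    return name


def check_word(word):
    """Return word if it is a plain search term from the allow-list; else raise."""
    if "\0" in word or not WORD_RE.match(word):
        raise ValueError("search term contains characters outside the allow-list")
    return word


def open_for_reading(name, base=BASE_DIR):
    """Open a data file strictly for reading, and only inside base.

    The mode is stated explicitly ("r"); a two-argument open() in older
    languages lets a leading '>' or trailing '|' in the name change the
    mode, which is exactly what item 20 warns about."""
    path = os.path.realpath(os.path.join(base, check_filename(name)))
    if os.path.dirname(path) != os.path.realpath(base):
        raise ValueError("path escapes the data directory")
    return open(path, "r")


def build_grep_argv(word, name, base=BASE_DIR):
    """Build the command as a list: one argv entry per piece, no shell parsing."""
    path = os.path.join(base, check_filename(name))
    return ["grep", "--", check_word(word), path]


def run_grep(word, name, base=BASE_DIR):
    """Run grep over the named file and return matching lines as a list."""
    argv = build_grep_argv(word, name, base)
    # shell=False (the default): the list goes straight to exec(), so ';',
    # '|' or '`' inside the data can never start a second command.
    result = subprocess.run(argv, capture_output=True, text=True)
    return result.stdout.splitlines()


if __name__ == "__main__":
    # Constructed sample file so the example runs stand-alone.
    with open(os.path.join(BASE_DIR, "example_guestbook.txt"), "w") as fh:
        fh.write("alice: hello\nbob: hello world\ncarol: bye\n")
    for name in ("example_guestbook.txt", "../etc/passwd", "x;rm", "a\0b"):
        try:
            print("accepted:", check_filename(name))
        except ValueError as err:
            print("rejected %r: %s" % (name, err))
    if shutil.which("grep"):
        print(run_grep("hello", "example_guestbook.txt"))
```

The test for "does this handle hostile input" is that every rejected case raises before any file is touched or any process starts; the command list is built only from values that already passed the allow-list, so there is nothing left for a shell to misinterpret.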
24. Exploiting Web Farms
Solution : Choose an ISP Wisely