Web Server(Apache),

Web Server(Apache), Proxy Server(Squid) & Server Logs By Sanjay Kumar Malik Lecturer University School of IT GGS Indraprastha University Kashmere Gate, Delhi -110403

Contents Web Server and its types. Apache Web Server. Requirements for hosting web server. How web server works. Web server security. Proxy server,Types, Advantages. Network Devices. Linux & Its features. A few Linux commands. Server log. Network Security. Anti-x. Malicious Software (virus,worms,trojan horse). GGSIPU Website updating through VPN

Webserver & it’s types A computer that delivers.serves Web pages. Every Web server has an IP address and possibly a domain name. For example www.yahoo.com. A computer with appropriate configuration may be turned into a Web server by installing server software There are many Web server software applications like commonly used are -: Apache(Linux based) IIS(Internet Information Services by Microsoft)

Apache Web Server Apache is developed and maintained by an open community of developers. The first version of the Apache web server was created by Robert McCool. The application is available for a wide variety of operating systems including Unix, FreeBSD, Linux, Solaris, Novell NetWare, Mac OS X, and Microsoft Windows but commonly used for Linux. A free and open source software. As of November 2005, Microsoft IIS (Internet Information Services) gained popularity, Apache serves more than 50% of all websites.

Requirement for Hosting WebServer(WebSite). 1.Registere a DOMAIN Name. 2.High Bandwidth. 3.Public IP Addresses. 4.HighEnd Server (Hardware) 5.HTML/PHP/ASP(Language to write static & interactive web pages) Apache webserver/IIS. (s/w)

How Webserver works First the User enter www.yahoo.com in his/her Browser ( Internet Explorer/Netscape etc). The Request goes to Proxy server which is providing internet facility. Proxy Server then Forwards the Request(www.yahoo.com) to ISP Domain(say MTNL). ISP Domain contains list of all Web servers like yahoo.com, hotmail.com , google.com etc. and forward the Request to appropriate Web Servers. When the Request reaches at www.yahoo.com , it looks into its webpages directory to send back the desired webpage to the ISP(MTNL). ISP then forwards the webpage to Proxy server. Finally Proxy server sends the Request back to the original client from where is originated. www.yahoo.com ISP Domain Proxy server www.yahoo.com Note:-For Home users, request will go directly to ISP since home users don’t use proxy servers .

Web Server Security HTTPS stands for Hypertext Transfer Protocol over Secure Socket Layer, or HTTP over SSL. HTTPS encrypts and decrypts the page requests and page information between the client browser and the web server using a secure Socket Layer (SSL, like a Tunnel). HTTPS by default uses port 443 as opposed to the standard HTTP port of 80. SSL transactions are negotiated by means of a keybased encryption algorithm between the client and the server, This key is usually either 40 or 128 bits in strength (the higher the number of bits , the more secure the transaction).

Proxy Server,Advantages & Types(Squid & Others) A proxy server is a server (an application program) which serves the requests of its clients by forwarding requests to other servers. Advantages:- Provide internet access to its clients. It’s a centralize server for managing internet. Provide Monitoring services. Reduce the workload of router (client don’t connect to router directly). Proxy hides the clients from outside world. Squid (Linux based), ISA (Microsoft), Wingate (windows based). Squid is free and work on Linux. It doesn’t require high end servers. It provide blocking, filtering, monitoring services and other features. Clients Proxy Server WAN Link LAN Cables

Networking Devices Router:- It connects internal network to the external network. Works as a gateway for a network. Any computer which want to access a computer outside of its network has to use a Router. Features/specifications/commands:- Router provide security/authentication/monitoring .It provide connectivity between two different LAN, one LAN to WAN & WAN to WAN. Router comes with RAM, Flash Memory, OS, Physical port (Serial/Ethernet). Cisco has following series of router:-1600,1700,1800,2400,2600,2800 etc. Connecting to a router(commands):- #sh run : to show current config. To change password:- #enable ; #config (to go to config mode) ; #line console 0 ;#login #password cisco ; #end #exit (to exit)

Switches 1. A Network device. Provides connectivity to all machines. Basically a centralize device with intelligence to forward data. Generally , superior than hubs. It maintains a table by which it takes decision to forward data. It has speed of upto 1000 mbps. It comes with 8port,16port,24port,48port,72port and so on) MODEMS Modems(Modulator – Demodulator) are used to convert analog signals to digital signals and vice versa. Basically it’s converter. Cables FiberOptics:- It has speed upto 40000Mbps.Signals flow in lights form. Can cover 1000 mtr. Data travels with speed of light. UTP:- It has speed up to 1000Mpbs,signals flow in digital form.cover upto 100 mtr . Co-axial cable:- it has upto 100Mbps,can cover 100 mtr.

Linux Introduction & features Linus Benedict Torvalds was a second year student of Computer Science at the University of Helsinki . Linux Torvalds wanted to create a Free/Open Source OS. In 1991 he created the kernel(main part of OS) for Linux. Then he called several volunteer programmers across the world to participate in developing a free OS like Linux. Earlier he was using MINIX which has limitations. So he decided to devolope linux for enterprise/home users. Linux Features 1.Linux is free/open source(source codes are freely available). 2.Linux doesn’t require high end machines to start with. 3.Linux can be installed on 80286(first computer series). 4.Linux is Multitasking/Multiuser OS. 5.Linux is more secure than windows. 6.Linux is more stable and reliable. 7.Linux doesn’t cost too much.(support isn’t free). 8.Now Linux support various software like windows and coming with GUI features.

A few Linux commands Commands Description touch create new file mkdir create new dir. vi to edit file. cd change dir. cp copy file/dir. mv move file/dir rm remove file. rmdir remove dir. date view date. cal view calendar. bc view calculator. Init -0 shutdown the machine.

Server Logs Server log are basically records which indicated what had happened in a server. Logs gather the information about IP & Services on a server. Every Services running on server has its own server logs. Apache has it logs under dir /var/log/httpd/access.log #samle is attached. Squid has its logs under dir /var/log/squid/access.log #sample is attached. Squid logs 1209105932.207 3 172.16.78.42 TCP_IMS_HIT/304 303 GET http://www.ncbi.nlm.nih.gov/blast/js/utils.js - NONE/- application/x-javascript 1209105931.658 7 172.16.1.148 TCP_MEM_HIT/200 1212 GET http://www.relbio.com/images/careers_hover.jpg - NONE/- image/jpeg1208855587.146 5561 172.16.16.12 TCP_MISS/302 553 GET http://mail.yahoo.com / - DIRECT/202.86.7.110 text/html1208855687.590 712 172.16.1.1 TCP_MISS/302 572 GET http://orkut.com/ - DIRECT/72.14.209.85 text/html Apache Logs(mail.ipu.edu) 202.159.218.122 - - [22/Apr/2008:09:47:21 +0530] "GET /webmail/src/style.php?themeid=default_theme&templateid=default HTTP/1.1" 200 5627 " http://mail.ipu.edu/webmail/src/login.php " "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.14) Gecko/20080404 Firefox/2.0.0.14" 59.90.72.161 - - [22/Apr/2008:09:12:14 +0530] "GET /webmail/src/style.php?themeid=default_theme&templateid=default HTTP/1.1" 200 5627 " http://mail.ipu.edu/webmail/src/login.php " "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Embedded Web Browser from: http://bsalsa.com/)" 202.159.218.122 - - [22/Apr/2008:09:47:21 +0530] "GET /webmail/src/login.php HTTP/1.1" 200 2363 "http://mail.ipu.edu /" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.14) Gecko/20080404 Firefox/2.0.0.14"

Network Security A.What is Network security? Network security is the process of preventing and detecting unauthorized use of your Network. Prevention measures help you to stop unauthorized users (also known as "intruders hackers, attackers, or crackers") from accessing any part of your computer system. Intruders may be able to watch all your actions on the computer, or cause damage to your computer by reformatting your hard drive or changing your data. Types of Attacks: Dos (Denial of Services):- Attackers often flood lot of unwanted packets to a servers and cause the server to process them. As a result server get busy handling them and might come to a crash. Phishing:- It’s latest attack. Hacker creates a clone website of an authorized bank’s websites. When any user access that authorized bank’s website, the clone website comes up in place of the original and user insert all his accounts details which is actually going to a hacker. Social Networking:-Hackers often develop friendship with IT administrator so that they can get valuable information about their network and perform the desirable task.

Securing Networks Today, there are lots of methods for securing a network. Following are examples. Firewalll Firewall is a network security device. Firewall may be both software (iptables, windows firewall,shorewall)/hardware device.(cisco pix,cisco ASA, cyber-roam) Firewall works like a wall to secure a network Firewall checks every incoming/outgoing packet through network. Firewall, according to the set rules allow authorized packet to pass through Firewall helps deny, DoS, Phishing, Spams.Access attacks etc. IDS/IPS(Instrusion Detection Systems and Prevention Systems) IDS/IPS is a hardware devices. IDS/IPS work as final resource for detecting a threat,attack. It is much advance technique for detecting/preventing attacks. It detect these threats by watching for trends, looking for attacks that use particular patterns of messages.

Anti-X Apart from using firewall and IPS/IDS there other technique that can be used to prevent virus/attacks/threat. Anti-X(X refer to various sub name of Anti) Anti-Virus: Scans networks traffic to prevent the transmission of known viruses based on virus signatures. Scan for viruses, detect them and delete them. Anti-Spyware: Scan network traffic to prevent the transmission of spyware programs. Anti-Spam: Examines e-mail before it reaches the users, deleting or segregating junk e-mail. Anti-Phishing: Monitors URLs sent in messages through the network, looking for the fake URL, inherent in Phishing attacks, preventing the attack from reaching the users. URL-Filtering: Filters web traffic based on URL to prevent users from connecting to inappropriate sites. E-mail Filtering: Provides anti-spam tools. Also filters e-mails containing offensive materials, potentially protecting the Enterprise from lawsuits.

A few NetworkingTools GFI LANGuard GFI LANguard Network Security Scanner (N.S.S.) is an award-winning solution that allows you to scan, detect, assess and rectify any security vulnerabilities on your network. http://www.gfi.com/lannetscan/ Packet Trap The PacketTrap pt360 Tool Suite PRO consolidates dozens of network management and monitoring tools into a single, integrated interface. For more information visit: http:// www.packettrap.com/product/index.aspx OPManager - OPManager is a network monitoring software that can automatically discover our network, group your devices into intuitive maps, monitor devices in real-time and alert instantaneously on failure. http://manageengine.adventnet.com/products/opmanager/ IPAudit IPAudit can be used to monitor network activity for a variety of purposes. It has proved useful for monitoring intrusion detection, bandwith consumption and denial of service attacks. . For more informations visit:http://ipaudit.sourceforge.net/ Ethereal (Packet sniffer ) http://www.ethereal.com WireShark (packet sniffer) http://www.wireshark.org NMAP (port scanner) http://nmap.org MRTG ( Multi-route traffic generator) http://www.mrtg.com Spamassassin (Mail Filter) http://www.spamassassin.apache.org VNC (Remote desktop) http://www.realvnc.com

Malicious Software Is a software that is intentionally included or inserted in a system for a harmful purpose. Virus :-Computer viruses are small software programs that are designed to spread from one computer to another and to interfere with computer operation. Effects of Virus :- 1.A virus might corrupt or delete data on your computer. 2.Due to virus drives are not opened. 3.Slows down the speed of the system. 4.Taskmanager is Disabled.

Threats other than virus Worm :- A computer worm is a self-replicating computer program. It uses a network to send copies of itself to other nodes and it may do so without any user intervention. Trozan Horse :- Trojan horse is a piece of software which appears to perform a certain action but in fact performs another such as a computer virus. Spyware :- Spyware is software that performs actions such as creating unsolicited pop-ups, hijacks home/search pages, or redirects browsing results.

Antivirus “ Antivirus" is protective software designed to defend your computer against malicious software or "malware" includes: viruses, Trojans, etc. Examples:- Symantec antivirus. Trend micro. Mcafee antivirus. Panda antivirus etc.

How to use antivirus Install antivirus software on the computer. Update the virus definitions through internet. Download security patches from internet. Run security patch. Full Scan the system. Check the scan history of the system. Restart the system.

Symantec Antivirus Corporate Edition Centralized management and administration. Effective protection from spyware and adware. Protecting users from viruses that attempt to disable security measures. Virus protection and monitoring from a single management console. Backed by Symantec Security Response, the world’s leading Internet security research and support organization

Management of Symantec Antivirus in Indraprastha University There is a centrally managed antivirus server which is managing networked clients in the campus. It pulls latest virus definition files from symantec web server and push the virus definitions on the managed clients. Antivirus server check regularly managed clients. It scans the all managed clients in the given schedule time by the antivirus server. No need of manual scan on client side. No need to update definition on client side manually.

GGSIPU Website Updating through VPN Install VPN Client Software & configure VPN Certificate by following instructions given by NIC Click Start -> Programs -> Cisco Systems VPN Client -> VPN Client Select VPN Certificate & click on ‘Connect’ & enter login & password Now you logon in NIC Server Open Internet Explorer & enter ftp url e.g. ftp:// ipu.ac.in Right click and enter login & password Web Server Window containing files & folder open Now to upload any file or folder just use copy & past in desired folder Note: Take care of correct path, deleting, or overriding any files / folders Thank You.

Web Server(Apache),

More Related Content

What's hot (20)

Viewers also liked (20)

Similar to Web Server(Apache), (20)

More from webhostingguy (20)

Web Server(Apache),