Web servers consist of both hardware and software used to host websites, but unlike network and operating systems they can be accessed from anywhere on the internet. This exposure makes it easy for attackers to exploit software weaknesses and system configuration errors and so compromise the system.
When attackers exploit these systems, a range of harmful outcomes can follow: website defacement, data theft, data modification, and compromise of user accounts. Attackers can also gain root access to other servers or applications.
Attackers can gain access to web servers for the following reasons:
These attacks are used to gain credentials for further nefarious acts. Here, the attacker floods the web server with a large number of requests, making it inaccessible to legitimate users. Attackers use this method against high-profile servers such as those of government organizations, banks or credit card payment gateways.
When these attacks succeed, they cause service downtime, loss of trust between clients and the organization, financial losses and more.
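As an added example, not taken from the original article, the following sliding-window rate limiter shows the per-client request budget a web front end can enforce so that one flooding source cannot starve legitimate users; the client addresses, timestamps and thresholds are constructed.

```python
from collections import defaultdict, deque

# Added example (not from the original article): a per-client sliding-window
# limiter of the kind placed in front of a web server to blunt a request flood.
# Assumptions: requests arrive as (client_ip, timestamp_seconds) pairs and a
# client exceeding `limit` requests per `window` seconds is rejected.
class RateLimiter:
    def __init__(self, limit: int, window: float):
        self.limit = limit
        self.window = window
        self._hits = defaultdict(deque)  # client_ip -> timestamps of accepted requests

    def allow(self, client_ip: str, now: float) -> bool:
        """Return True if the request is within budget, False if it should be dropped."""
        q = self._hits[client_ip]
        cutoff = now - self.window
        while q and q[0] <= cutoff:      # forget requests that have left the window
            q.popleft()
        if len(q) >= self.limit:
            return False                 # over budget: reject without recording
        q.append(now)
        return True


def simulate(requests, limit: int = 5, window: float = 1.0) -> dict:
    """Run constructed traffic through the limiter; return {ip: (accepted, rejected)}."""
    rl = RateLimiter(limit, window)
    stats = defaultdict(lambda: [0, 0])
    for ip, ts in requests:
        stats[ip][0 if rl.allow(ip, ts) else 1] += 1
    return {ip: tuple(v) for ip, v in stats.items()}


# Constructed traffic: a flooding client sends 20 requests within 0.2 s,
# while a normal client sends one request per second.
TRAFFIC = sorted(
    [("198.51.100.7", 0.01 * i) for i in range(20)]
    + [("203.0.113.5", 1.0 * i) for i in range(3)],
    key=lambda r: r[1],
)

if __name__ == "__main__":
    print(simulate(TRAFFIC))
```

A limiter at the host only helps once traffic reaches the application; a volumetric flood that saturates the network link has to be absorbed upstream, by the provider or a scrubbing service.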
Here, the attacker takes over the DNS or modifies the DNS settings to redirect all requests for the victim web server to the attacker's malicious servers.
Once the DNS server has been compromised and the target machine sends a request to it, the server consults its DNS map for the requested domain name, and this is where the attacker redirects the user's request to the malicious site.
This attack uses the DNS recursive method to redirect the DNS.
Recursive resolution is the process by which a user tries to find the IP address of another system, asking that the answer be sent to the user's IP address. The query goes from the primary server to the root server; if the root servers cannot answer, they return the address where the IP address can be found. That address redirects the query to the primary server for the IP address the user seeks, and the answer is sent back to the user's IP address through its primary server.
Here, the attacker uses traversal sequences (such as "../") to reach restricted directories outside the web server's root directory. Attackers can also use trial-and-error probing to discover sensitive information outside the root directory.
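As an added example, not from the original article, the following code places a naive request-to-file mapping (the kind that lets "../" sequences escape the web root) beside a hardened resolver that normalises the path and refuses anything that resolves outside the root; the web root and the request paths are constructed.

```python
import posixpath
from urllib.parse import unquote

# Added example (not from the original article): a naive path join that lets
# "../" sequences escape the web root, beside a hardened resolver that rejects
# them. WEB_ROOT is a constructed, assumed location.
WEB_ROOT = "/var/www/html"

def naive_resolve(requested: str) -> str:
    """Vulnerable: decodes the request path, appends it to the web root and trusts the result."""
    return posixpath.normpath(posixpath.join(WEB_ROOT, unquote(requested).lstrip("/")))

def safe_resolve(requested: str):
    """Hardened: decode, normalise, then require the result to stay under WEB_ROOT.
    Returns the absolute path, or None when the request must be refused."""
    decoded = unquote(requested)          # check the same bytes the filesystem will see
    if "\x00" in decoded:
        return None                       # a NUL byte truncates paths in C-based servers
    decoded = decoded.replace("\\", "/")  # on Windows a backslash is also a separator
    root = posixpath.normpath(WEB_ROOT)
    candidate = posixpath.normpath(posixpath.join(root, decoded.lstrip("/")))
    # commonpath is not fooled by sibling names such as /var/www/html_old
    if posixpath.commonpath([root, candidate]) != root:
        return None
    return candidate

def classify(requests):
    """For each constructed request path, show what each resolver would serve."""
    return {r: (naive_resolve(r), safe_resolve(r)) for r in requests}

# Constructed request paths as they might appear in an access log.
REQUESTS = [
    "/index.html",
    "images/../index.html",             # harmless ".." that stays inside the root
    "../../../etc/passwd",              # classic traversal
    "%2e%2e/%2e%2e/%2e%2e/etc/passwd",  # the same, URL-encoded
    "..\\..\\..\\windows\\win.ini",     # backslash variant
]

if __name__ == "__main__":
    for req, (naive, safe) in classify(REQUESTS).items():
        print(f"{req!r:38} naive={naive!r:32} safe={safe!r}")
```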
The man-in-the-middle attack, also known as a sniffing attack, intercepts communication between the user and the web server in order to obtain sensitive information, with the attacker acting as a proxy. The attacker intercepts the user's communication with the web server by stealing session IDs and using them to connect to the web server, so that when the user sends a request to the web server, the attacker can replay that request and also read the response the web server returns to the user, without the victim knowing about it.
The attacker tricks the user into divulging login details for a particular web server by putting up a fake web page. Once the details have been stolen, the attacker poses as the legitimate user and performs unauthorized activities on the target web server.
An attacker uses this to change the current appearance of the target website to graphics or text that are generally offensive, with the aim of defacing and discrediting the site. The modification remains until the owner regains access to the website settings; until then, visitors or clients are shown misleading information. Attackers carry out this act with various techniques, one of which is MySQL injection.
Attackers take advantage of vulnerabilities in the system, for instance remote administration functions, default SSL certificates, script files, error messages, and default passwords, to carry out malicious acts such as theft, intrusion and directory traversal.
When unencrypted data must be transferred over an insecure network, the SSH protocol is used to create an SSH tunnel that carries it. Attackers can brute-force these tunnels, gain unauthorized access to the system, and transmit malware and other malicious applications through the tunnels.
Here, the attacker tries to obtain passwords for well-protected areas, for instance root administration, demo, test and guest accounts, through methods such as spoofing, phishing, social engineering, Trojan horses and so on.
Passwords cannot be cracked if the attacker cannot establish their validity as users of the system; while passwords can be cracked manually, they can also be cracked with tools such as Brutus, Cain and Abel and so on.
Guessing: this can be done manually or with tools, provided a dictionary of probable words is available.
Dictionary attacks: a list of probable words is run against the system, and as long as the password is simple, this method is likely to crack it.
Hybrid attacks: similar to dictionary attacks, but with numbers and symbols added to the words.
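Guessing, dictionary and hybrid attacks all leave the same trace on the server: a burst of failed logins from one source. As an added example, not from the original article, the following detector parses constructed authentication log lines (the format is assumed) and flags any source whose failures inside a one-minute window reach a threshold.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Added example (not from the original article): spotting dictionary/brute-force
# attempts in authentication logs by counting failed logins per source address
# inside a sliding time window. The log format and the log lines are constructed.
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<ip>\d+\.\d+\.\d+\.\d+) user=(?P<user>\S+) result=(?P<result>OK|FAIL)$"
)

def parse(line: str):
    m = LINE_RE.match(line)
    if not m:
        return None
    return (datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%S"), m["ip"], m["user"], m["result"])

def find_bruteforce(lines, threshold: int = 5, window: timedelta = timedelta(minutes=1)) -> dict:
    """Return {ip: {"failures": n, "users": [...]}} for every source whose failed
    logins inside some span no longer than `window` reach `threshold`."""
    failures = defaultdict(list)   # ip -> [(ts, user)] for failed attempts only
    for rec in filter(None, map(parse, lines)):
        ts, ip, user, result = rec
        if result == "FAIL":
            failures[ip].append((ts, user))
    alerts = {}
    for ip, events in failures.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            while events[end][0] - events[start][0] > window:   # shrink span to fit the window
                start += 1
            if end - start + 1 >= threshold:
                alerts[ip] = {"failures": len(events), "users": sorted({u for _, u in events})}
                break
    return alerts

# Constructed log lines: one dictionary attack, one ordinary user, one slow prober.
LOG = (
    [f"2024-05-01T10:00:0{i} 203.0.113.5 user=admin result=FAIL" for i in range(1, 7)]
    + ["2024-05-01T10:01:00 198.51.100.7 user=alice result=FAIL",
       "2024-05-01T10:01:20 198.51.100.7 user=alice result=FAIL",
       "2024-05-01T10:01:35 198.51.100.7 user=alice result=OK"]
    + [f"2024-05-01T10:{m:02d}:00 192.0.2.9 user=bob result=FAIL" for m in (0, 3, 6, 9, 12)]
)

if __name__ == "__main__":
    print(find_bruteforce(LOG))
```

The slow prober from 192.0.2.9 stays under the per-minute threshold, which is why such detection is usually paired with a longer-window count and with per-account lockout or rate limiting.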