Unit 4 - Servers

Uploaded by

UDEE GAMING

Unit 4: Servers

Introduction to Web Servers

Web Servers: Web servers are software programs that handle requests from web clients (such
as browsers) and deliver web content back to them over the Internet.

Types of Web Servers:

1. PWS (Personal Web Server):
○ A simplified version of a web server designed for individual users to host web
pages on their personal computers.
○ Primarily used for local testing and small-scale personal projects.
○ Easy to set up and configure through a user-friendly interface.
○ Offers basic functionalities like serving static content (HTML, CSS) and simple
dynamic content.
2. IIS (Internet Information Services):
○ A robust and flexible web server created by Microsoft, used to host websites and
other content on the web.
○ Supports multiple protocols, including HTTP, HTTPS, FTP, FTPS, SMTP, and
NNTP.
○ Managed through the IIS Manager, which provides tools for deploying and
managing web applications, setting up virtual directories, configuring security
settings, and monitoring server performance.
○ Offers advanced features like application pool management, request filtering, and
URL rewriting.
3. Apache:
○ A widely-used open-source web server software known for its flexibility and
extensive feature set.
○ Supports various modules and extensions to enhance functionality, such as
SSL/TLS for secure connections, URL redirection, and load balancing.
○ Compatible with multiple operating systems, including UNIX, Linux, and
Windows.
○ Configuration is done through text files like httpd.conf and .htaccess,
allowing fine-grained control over server behavior and security settings.
4. Microsoft Personal Web Server:
○ A lightweight version of IIS intended for personal use, facilitating easy hosting
and development of web content on Windows machines.
○ Ideal for small websites and personal projects, offering basic functionalities
similar to those of IIS but on a smaller scale.
Privacy and Security Topics:

Introduction to Privacy and Security:

1. Software Complexity:
○ As software systems grow in complexity, they become more challenging to
secure. Increased complexity often leads to more vulnerabilities and potential
security risks.
○ Maintaining security involves regular updates, patches, and thorough testing to
identify and mitigate potential weaknesses.
2. Attacks:
○ Various types of attacks target vulnerabilities in web servers and applications.
Common examples include:
■ Phishing: Attempts to obtain sensitive information by masquerading as a
trustworthy entity.
■ Malware: Malicious software designed to disrupt, damage, or gain
unauthorized access to computer systems.
■ DDoS (Distributed Denial of Service): Overwhelms a server with traffic
from multiple sources, rendering it unavailable to legitimate users.
○ Implementing strong security measures, such as firewalls, intrusion detection
systems, and regular security audits, helps protect against these threats.
3. Security and Privacy Levels:
○ Implementing different levels of security and privacy measures based on the
sensitivity of information and user requirements.
○ Examples include encryption for data transmission, access control mechanisms,
and secure storage solutions to ensure confidentiality, integrity, and availability of
data.

Security Policy:

1. Security Policy:
○ A set of guidelines and practices designed to protect information and maintain
secure operations.
○ Involves defining roles, responsibilities, and acceptable use policies to ensure
consistent security practices across the organization.
○ A well-defined security policy includes:
■ Data Classification: Categorizing data based on its sensitivity and
determining appropriate handling and protection measures.
■ Access Control: Defining who has access to what information and
resources, and under what conditions.
■ Incident Response: Establishing procedures for responding to security
breaches or incidents, including reporting, investigation, and remediation.
2. Accessibility and Risk Analysis:
○ Evaluating the accessibility needs of users against potential security risks.
○ Involves identifying vulnerabilities, assessing their potential impact, and
implementing appropriate security measures to mitigate risks while maintaining
usability.
○ Steps in risk analysis include:
■ Threat Identification: Determining potential threats to the system.
■ Vulnerability Assessment: Identifying weaknesses that could be
exploited by threats.
■ Impact Analysis: Evaluating the potential consequences of a security
breach.
■ Risk Mitigation: Implementing measures to reduce the likelihood or
impact of identified risks.

Encryption Schemes:

1. Encryption:
○ The process of encoding data to prevent unauthorized access. Common
encryption schemes include:
■ SSL/TLS: Secure protocols for encrypting data transmitted over the
internet, ensuring secure communication between clients and servers.
○ Encryption is essential for protecting sensitive information during transmission
and storage, safeguarding it from interception and unauthorized access.
○ Types of encryption:
■ Symmetric Encryption: Uses the same key for both encryption and
decryption. Faster but requires secure key management.
■ Asymmetric Encryption: Uses a pair of keys (public and private) for
encryption and decryption. More secure but computationally intensive.
2. Secure Web Documents:
○ Ensuring web documents are transmitted securely using protocols like HTTPS,
which encrypts data between the server and client.
○ Using secure coding practices to prevent vulnerabilities like cross-site scripting
(XSS) and SQL injection.
○ Regularly updating and patching web server software and applications to address
security vulnerabilities.

Digital Signatures:

● Used to verify the authenticity and integrity of digital messages or documents.
● Provides assurance that the content has not been altered and confirms the identity of the
sender.
● Commonly used in secure communications, legal documents, and software distribution.
● How Digital Signatures Work:
○ Creation: The sender creates a hash (a unique fixed-size string) of the message
or document using a hashing algorithm. This hash is then encrypted using the
sender's private key, creating the digital signature.
○ Verification: The recipient decrypts the digital signature using the sender's
public key, revealing the original hash. The recipient also generates a hash of the
received message or document. If the decrypted hash and the generated hash
match, the message or document is verified as authentic and unaltered.

● Public Key Infrastructure (PKI):
○ Certificate Authority (CA): A trusted entity that issues digital certificates to
validate the identity of individuals or organizations.
○ Digital Certificates: Contain the public key and identity information of the
certificate holder, used to establish trust in digital communications.
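The creation and verification steps above, worked through in Python as an added example (not part of the original notes). It uses a toy textbook RSA key pair built from two Mersenne primes so the arithmetic stays readable; the key sizes, the lack of padding and the sample message are constructed for illustration and are not how a production signing library should be used.

```python
import hashlib

# Toy textbook RSA built from two Mersenne primes so the arithmetic is
# visible; real signatures use 2048-bit+ keys and a padding scheme
# such as RSA-PSS. Keys and message are constructed for this example.
P, Q = 2**31 - 1, 2**61 - 1
N = P * Q                            # public modulus
E = 65537                            # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent (Python 3.8+)

def digest(message: bytes) -> int:
    """Hash the message (SHA-256) and reduce it to fit the toy modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N

def sign(message: bytes, private_exp: int = D) -> int:
    """Creation: hash the message, then transform the hash with the
    sender's private key; the result is the signature."""
    return pow(digest(message), private_exp, N)

def verify(message: bytes, signature: int, public_exp: int = E) -> bool:
    """Verification: recover the hash from the signature with the sender's
    public key and compare it with a fresh hash of the received message."""
    return pow(signature, public_exp, N) == digest(message)

if __name__ == "__main__":
    msg = b"Transfer 100 EUR to account 42"   # constructed sample message
    sig = sign(msg)
    print("genuine  :", verify(msg, sig))                                # True
    print("tampered :", verify(b"Transfer 900 EUR to account 42", sig))  # False
    print("wrong key:", verify(msg, sign(msg, private_exp=D + 1)))       # False
```

The tampered case shows why the hash comparison matters: a single changed byte in the message produces a different digest, so the recovered hash no longer matches.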

Firewalls:

1. Firewalls:
○ Security systems that monitor and control incoming and outgoing network traffic
based on predetermined security rules.
○ Act as a barrier between trusted internal networks and untrusted external
networks, blocking unauthorized access while allowing legitimate communication.
○ Functions of firewalls:
■ Packet Filtering: Inspects packets and allows or blocks them based on
source/destination IP addresses, ports, and protocols.
■ Stateful Inspection: Monitors the state of active connections and makes
decisions based on the context of traffic.
■ Proxy Service: Intercepts and inspects all traffic between the network
and external sources, providing an additional layer of security.
2. Types of Firewalls:
○ Packet-Filtering Firewalls: Analyze network packets and allow or block them
based on predefined rules. Simple and fast but can be bypassed by sophisticated
attacks.
○ Stateful Inspection Firewalls: Monitor the state of active connections and make
decisions based on the context of traffic. More secure than packet-filtering
firewalls.
○ Proxy Firewalls: Intercept and inspect all traffic between the network and
external sources, providing an additional layer of security. Can filter content and
cache web pages.
○ Next-Generation Firewalls (NGFW): Combine traditional firewall functions with
advanced features like intrusion prevention, application awareness, and
cloud-delivered threat intelligence.
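The difference between packet filtering and stateful inspection, as an added Python simulation that is not part of the original notes. The internal network prefix, the rules and the four sample packets are constructed; the point is that a stateless filter has to guess from header flags whether an inbound packet belongs to an existing connection, while a stateful filter knows, because it recorded the connection when an internal host opened it.

```python
from dataclasses import dataclass

INTERNAL_NET = "10.0.0."   # constructed: prefix of the trusted internal network

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: str   # TCP flags: "S" = SYN, "SA" = SYN/ACK, "A" = ACK

def packet_filter(pkt: Packet) -> bool:
    """Packet filtering: each packet is judged on its own header fields only.
    Rules: outbound allowed; inbound to the web server (443) allowed; inbound
    with ACK set is assumed to belong to a connection we opened."""
    if pkt.src.startswith(INTERNAL_NET) or pkt.dport == 443:
        return True
    return "A" in pkt.flags   # the weak "established" rule

class StatefulFilter:
    """Stateful inspection: inbound packets are allowed only if they match a
    connection that an internal host opened first (or target port 443)."""
    def __init__(self) -> None:
        self.connections = set()   # (internal ip, port, external ip, port)

    def allow(self, pkt: Packet) -> bool:
        if pkt.src.startswith(INTERNAL_NET):
            self.connections.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        if pkt.dport == 443:
            return True
        return (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.connections

# Constructed traffic: a legitimate HTTPS session (SYN out, SYN/ACK back),
# an unsolicited SSH SYN, and a forged bare ACK to port 22.
TRAFFIC = [
    Packet("10.0.0.5", 51000, "203.0.113.9", 443, "S"),
    Packet("203.0.113.9", 443, "10.0.0.5", 51000, "SA"),
    Packet("198.51.100.7", 40000, "10.0.0.5", 22, "S"),
    Packet("198.51.100.7", 40000, "10.0.0.5", 22, "A"),
]

def compare(packets=TRAFFIC) -> dict:
    """Run both filters over the same traffic; True means allowed."""
    stateful = StatefulFilter()
    return {"packet_filter": [packet_filter(p) for p in packets],
            "stateful": [stateful.allow(p) for p in packets]}
```

Only the last packet differs: the stateless filter accepts it on the strength of its ACK flag, the stateful filter drops it because no internal host ever opened that connection.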

Intrusion Detection Systems (IDS):

1. IDS:
○ Tools used to detect unauthorized access or violations of policy within a network.
○ Monitor network traffic for suspicious activity and can alert administrators or take
action to block potential threats.
○ Functions of IDS:
■ Signature-Based Detection: Compares network traffic against a
database of known attack signatures.
■ Anomaly-Based Detection: Identifies deviations from normal network
behavior, potentially indicating a new or unknown attack.
2. Types of IDS:
○ Network-Based IDS (NIDS): Monitor network traffic for suspicious activity across
the entire network. Typically deployed at strategic points, such as the network
perimeter.
○ Host-Based IDS (HIDS): Monitor individual host systems for signs of suspicious
activity or policy violations. Can analyze system logs, file integrity, and user
activities.
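Both detection approaches side by side, as an added Python example that is not part of the original notes: a signature-based check that matches request paths against a small pattern database, and an anomaly-based check that learns a per-client request-volume baseline from a quiet period and flags clients that exceed it. The log format, the two signatures, the client addresses and all log lines are constructed for this example.

```python
import re
from collections import Counter
from statistics import mean, pstdev

# Signature database: patterns of known attacks (constructed, illustrative).
SIGNATURES = {
    "path-traversal": re.compile(r"\.\./"),
    "sql-injection": re.compile(r"('|%27)(%20|\s)*(or|union)\b", re.IGNORECASE),
}

# Constructed access-log lines in the form "<client ip> <method> <path> <status>".
# BASELINE_LOG is a quiet period used to learn normal behaviour (3-7 requests
# per client); LIVE_LOG holds two suspicious requests and one very noisy client.
BASELINE_LOG = [f"10.0.0.{h} GET /page/{i} 200" for h in range(5, 10) for i in range(h - 2)]
LIVE_LOG = [
    "10.0.0.5 GET /index.html 200",
    "10.0.0.6 GET /about.html 200",
    "198.51.100.7 GET /cgi-bin/../../etc/passwd 404",
    "198.51.100.7 GET /login?user=admin'%20OR%201=1-- 500",
] + [f"203.0.113.9 GET /item/{i} 200" for i in range(40)]

def parse(line: str):
    ip, _method, path, _status = line.split(" ", 3)
    return ip, path

def signature_alerts(lines):
    """Signature-based detection: match each request path against known patterns."""
    alerts = []
    for line in lines:
        ip, path = parse(line)
        for name, pattern in SIGNATURES.items():
            if pattern.search(path):
                alerts.append((ip, name))
    return alerts

def learn_baseline(lines, k: float = 3.0) -> float:
    """Learn the normal per-client request volume: mean + k standard deviations."""
    counts = list(Counter(parse(l)[0] for l in lines).values())
    return mean(counts) + k * pstdev(counts)

def anomaly_alerts(lines, threshold: float):
    """Anomaly-based detection: flag clients whose volume exceeds the baseline."""
    counts = Counter(parse(l)[0] for l in lines)
    return [(ip, n) for ip, n in counts.items() if n > threshold]
```

The noisy client matches no signature and the two malformed requests are far too few to look anomalous, which is why the two approaches are usually deployed together.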
