Home arrow Apache arrow Page 2 - Common Attacks in Apache

Types of Attacks - Apache

Because Apache is complex, coding errors are possible. Fortunately, Apache is mature enough that this is not a frequent occurrence, and occasionally, overlooked errors are found and fixed. This chapter covers some basics of Apache’s vulnerabilities and recent known security problems. (From Hardening Apache by Tony Mobily, Apress, 2004, ISBN: 1590593782.)

  1. Common Attacks in Apache
  2. Types of Attacks
  3. Apache Vulnerabilities: Practical Examples
  4. Directory Displayed
  5. Common Attacks
  6. SSL Buffer Overflow
By: Apress Publishing
Rating: starstarstarstarstar / 14
September 13, 2004

print this article



Not every attack is the same. In general, you can divide attacks into two categories:

  • Ones that aim at gaining a remote shell. A remote shell is the ability to run arbitrary commands on a remote computer. For a cracker, having a remote shell is only the beginning; remote shells are usually obtained as a normal user, and in such a situation there is very little a cracker can do. These attacks are generally less common, and are caused by a buffer overflow. They are extremely dangerous, because they give the attacker full access to your server. Even though the attacker is only able to execute commands as the user Apache runs as, very often a remote shell leads to a root shell. A root shell is the ability to run any command as root—in such a case, the user (and the cracker) has complete control over the server.

  • Denial of Service (DOS) attacks. These aim at crashing your server. For example a DOS attack against Apache can be caused by a problem in the way Apache was coded (a weird request could cause Apache to simply die, or consume all the available resources).

Denial Of Service attacks are probably less dangerous than remote shell attacks, but they are much more common and can cause major problems.

Important Reference Sites

There are some key web sites that every system administrator should be aware of when dealing with Apache’s security. For a more comprehensive list of available resources, please refer to Appendix A of this book. Two sites in particular, Apache Week and CVE, are particularly important and are the starting points for the following sections, so I’ll introduce them now.

Apache Week

Apache Week (http://www.apacheweek.com) is a priceless resource for Apache in general; its newsletters will help you keep up with Apache’s development, and you'll learn important news about Apache. More importantly, its “Apache Security” section is the best summary of the security problems you can find in Apache: http://www.apacheweek.com/features/security-20.


Every vulnerability is given a very precise name, or ID. For example, the vulnerability “Remote DoS via IPv6” has the ID CAN-2003-0254. The naming convention used is the one set by CVE (Common Vulnerabilities and Exposures). CVE aims to be a dictionary, not a database, of every single publicly known vulnerability. It is also a valuable repository of information on every listed vulnerability. Its web address is http://cve.mitre.org/.   

This chapter is from Hardening Apache, by Tony Mobily. (Apress, 2004, ISBN: 1590593782). Check it out at your favorite bookstore today. Buy this book now.

>>> More Apache Articles          >>> More By Apress Publishing

blog comments powered by Disqus
escort Bursa Bursa escort Antalya eskort


- Apache Unveils Cassandra 1.2
- Apache on ARM Chips? Dell and Calxeda Help M...
- The Down Side of Open Source Software
- VMware Unveils Serengeti for Apache Hadoop
- SAP Takes Steps to Improve Hadoop Integration
- Looking to Hone Apache Hadoop Skills?
- How to Install Joomla on WAMPP
- Working with XAMPP and Wordpress
- GUI Available for Apache Camel
- Reduce Server Load for Apache and PHP Websit...
- Creating a VAMP (Vista, Apache, MySQL, PHP) ...
- Putting Apache in Jail
- Containing Intrusions in Apache
- Server Limits for Apache Security
- Setting Permissions in Apache

Developer Shed Affiliates


Dev Shed Tutorial Topics: