Open davidzhao800 opened 7 years ago
Currently our server is vulnerable to slowloris attack.
Update: Server is safe from slowloris by installing libapache2-mod-qos
Server is vulnerable to SYN flood attack. e.g. sudo netwox 76 -i "188.166.240.12" -p "80"
Update: I turned on the linux built in protection: https://www.symantec.com/connect/articles/hardening-tcpip-stack-syn-attacks net.ipv4.tcp_syncookies = 1 net.ipv4.tcp_max_syn_backlog = 2048 net.ipv4.tcp_synack_retries = 3
DNS Injection - Attacks that can inject fake DNS names into your server's cache
Spam from web forms is not only prevalent, it's a fast-track method of getting your domain blacklisted by the likes of Spamhaus.
Update: fixed by installing libapache2-mod-spamhaus.
DDOS attack
Update: protected by installing libapache2-mod-evasive
Disable root login and password login
Setup Cron job to backup mysql Weekly.
Update: finish.
Standardize permission for files on server
sudo a2dismod autoindex
Lab TA will continue trying to hack your project group's web application against a checklist (that is not shown to you) and if it survives, we will consider that it is safe enough. For testing purposes, you need to let your Lab TA know the user account details of at least 1 admin and 2 students (that is, you do not need to manually setup the other N-2 students).