A Comprehensive Approach to Abusing Locality in Shared Web Hosting Servers

机译：滥用共享Web托管服务器中的众所周知的综合方法

获取原文

页面导航

摘要
著录项
引文网络
相似文献
相关主题

摘要

With the growing of network technology along with the need of human for social interaction, using websites nowadays becomes critically important which leads in the increasing number of websites and servers. One popular solution for managing these large numbers of websites is using shared web hosting servers in order to decrease the overall cost of server maintenance. Despite affordability, this solution is insecure and risky according to high amount of reported defaces and attacks during recent years. In this paper, we introduce top ten most common attacks in shared web hosting servers which can occur because of the nature and bad configuration in these servers. Moreover, we present several simple scenarios that are capable of penetrating these kinds of servers even with the existence of several securing mechanisms. Finally, we provide a comprehensive secure configuration for confronting these attacks.

机译：随着网络技术的越来越多，随着人类进行社交互动的需求，现在使用网站变得严重重要，这导致了越来越多的网站和服务器。用于管理这些大量网站的一个流行解决方案正在使用共享Web托管服务器，以减少服务器维护的总成本。尽管实惠，但这种解决方案是根据近年来的报告缺陷和攻击的高量不安全和危险。在本文中，我们在共享Web托管服务器中引入了最高的常见攻击，这可能是由于这些服务器中的性质和不良配置而发生的。此外，我们展示了几种简单的场景，即使存在几种固定机制，也能够穿透这些类型的服务器。最后，我们为面对这些攻击提供了全面的安全配置。

著录项

来源
《IEEE International Conference on Trust, Security and Privacy in Computing and Communications》|2013年||共6页
会议地点
作者
Mirheidari Seyed Ali; Arshad Sajjad; Khoshkdahan Saeidreza; Jalili Rasool;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类安全保密;
关键词
CSRF Token Poisoning; Convenient Phishing; Data Confidentiality Violation; Data Integrity Violation; Fast Brute Force; Intensive LFI; Log Poisoning; Log Snooping; Session Poisoning; Session Snooping; Shared Web Hosting;

机译：CSRF 令牌中毒;便捷的网络钓鱼;数据保密违反;数据完整性冲突;快速蛮力;强化 LFI;登录中毒;日志侦听;会话中毒;会话侦听;共享虚拟主机;

相似文献

外文文献
中文文献
专利

1. A Rational Approach to Hosting: Smart scalability with Verio Web Servers for Windows [J] . .Net Developer's Journal . 2007,第1期

机译：合理的托管方法：适用于Windows的Verio Web服务器的智能可伸缩性
2. p2pWeb: An open, decentralized infrastructure of Web servers for sharing ephemeral Web content [J] . Marc Sanchez-Artigas, rnJordi Pujol-Ahullo, rnLluis Pamies-Juarez, Computer networks . 2010,第12期

机译：p2pWeb：Web服务器的开放式，去中心化基础结构，用于共享临时Web内容
3. A COMPREHENSIVE APPROACH FOR SHARING SEMANTIC WEB TRUST RATINGS [J] . Jie Zhang, Robin Cohen Computational Intelligence . 2007,第3期

机译：共享语义Web信任评级的综合方法
4. A Comprehensive Approach to Abusing Locality in Shared Web Hosting Servers [C] . Mirheidari Seyed Ali, Arshad Sajjad, Khoshkdahan Saeidreza, 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications . 2013

机译：共享Web托管服务器中滥用位置的综合方法
5. A System for Sharing Abuse Data with Web Hosting Providers. [D] . Weeden, Matthew. 2017

机译：与虚拟主机提供商共享滥用数据的系统。
6. Comprehensive Review of Web Servers and Bioinformatics Tools for Cancer Prognosis Analysis [O] . Hong Zheng, Guosen Zhang, Lu Zhang, 2020

机译：全面评估Web服务器和生物信息学工具进行癌症预后分析
7. Abusing Locality in Shared Web Hosting [O] . Nick Nikiforakis, Wouter Joosen, Martin Johns 2015

机译：在共享虚拟主机中滥用局部性

A Comprehensive Approach to Abusing Locality in Shared Web Hosting Servers

摘要

著录项

引文网络

相似文献

相关主题

期刊订阅