Apache Security - Ivan Ristic [9]
Table 1-1 gives a list of reasons someone may attack you. This list (and the one that follows it) is somewhat optimized. Compiling a complete list of all the possibilities would result in a multipage document. Though the document would have significant value, it would be of little practical use to you. I prefer to keep it short, simple, and manageable.
Table 1-1. Major reasons why attacks take place
| Reason | Description |
| --- | --- |
| To grab an asset | Attackers often want to acquire something valuable, such as a customer database with credit cards or some other confidential or private information. |
| To steal a service | This is a special form of the previous category. The servers you have with their bandwidth, CPU, and hard disk space are assets. Some attackers will want to use them to send email, store pirated software, use them as proxies and starting points for attacks on other systems, or use them as zombies in automated distributed denial of service attacks. |
| Recognition | Attacks, especially web site defacement attacks, are frequently performed to elevate one's status in the underground. |
| Thrill | Some people love the thrill of breaking in. For them, the more secure a system, the bigger the thrill and desire to break in. |
| Mistake | Well, this is not really a reason, but attacks happen by chance, too. |
Table 1-2 gives a list of typical attacks on web systems and some ways to handle them.
Table 1-2. Typical attacks on web systems
| Attack type | Description | Mitigation |
| --- | --- | --- |
| Denial of service | Any of the network, web-server, or application-based attacks that result in denial of service, a condition in which a system is overloaded and can no longer respond normally. | Prepare for attacks (as discussed in Chapter 5). Inspect the application to remove application-based attack points. |
| Exploitation of configuration errors | These errors are our own fault. Surprisingly, they happen more often than you might think. | Create a secure initial installation (as described in Chapter 2-Chapter 4). Plan changes, and assess the impact of changes before you make them. Implement independent assessment of the configuration on a regular basis. |
| Exploitation of Apache vulnerabilities | Unpatched or unknown problems in the Apache web server. | Patch promptly. |
| Exploitation of application vulnerabilities | Unpatched or unknown problems in deployed web applications. | Assess web application security before each application is deployed. (See Chapter 10 and Chapter 11.) |
| Attacks through other services | This is a "catch-all" category for all other unmitigated problems on the same network as the web server. For example, a vulnerable MySQL database server running on the same machine and open to the public. | Do not expose unneeded services, and compartmentalize, as discussed in Chapter 9. |
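The "attacks through other services" row is the easiest to check for mechanically: list what the host is listening on and flag anything reachable from the network that the web server does not need. The following is an added example, not code from the book; it parses `ss -ltn` output (a constructed sample is embedded, showing a MySQL listener bound to every interface) against an assumed allowlist of ports the web server itself must expose.

```python
import ipaddress
import subprocess

# Assumed policy for this example: only the web server may listen on all
# interfaces. Anything else should be bound to loopback or not run at all.
PUBLIC_ALLOWLIST = {80, 443}

# Constructed sample of `ss -H -ltn` output: Apache on 80/443, a local MTA,
# MySQL bound to 0.0.0.0 (the Table 1-2 case), and a loopback-only Redis.
SAMPLE_SS_OUTPUT = """\
LISTEN 0 511 0.0.0.0:80 0.0.0.0:*
LISTEN 0 511 [::]:443 [::]:*
LISTEN 0 128 127.0.0.1:25 0.0.0.0:*
LISTEN 0 151 0.0.0.0:3306 0.0.0.0:*
LISTEN 0 128 [::1]:6379 [::]:*
"""

def parse_listeners(text):
    """Return (address, port) tuples from `ss -ltn` style lines."""
    listeners = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        addr, _, port = fields[3].rpartition(":")  # IPv6 keeps its brackets
        listeners.append((addr.strip("[]"), int(port)))
    return listeners

def is_public(addr):
    """True if the bind address accepts connections from other hosts."""
    if addr in ("0.0.0.0", "::", "*"):
        return True
    try:
        return not ipaddress.ip_address(addr).is_loopback
    except ValueError:
        return True  # unrecognised form: assume exposed rather than safe

def exposed_services(text, allowlist=PUBLIC_ALLOWLIST):
    """Ports reachable from the network that are not on the allowlist."""
    return sorted({port for addr, port in parse_listeners(text)
                   if is_public(addr) and port not in allowlist})

def audit_live_host():
    """Run the same check on the real host (needs the iproute2 `ss` tool)."""
    out = subprocess.run(["ss", "-H", "-ltn"], capture_output=True,
                         text=True, check=True).stdout
    return exposed_services(out)

if __name__ == "__main__":
    for port in exposed_services(SAMPLE_SS_OUTPUT):
        print(f"port {port} is reachable from the network but not allowlisted")
```

Against the sample it reports only port 3306; run `audit_live_host()` on a real server and compare the result with what the machine is actually meant to offer.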
In addition to the mitigation techniques listed in Table 1-2, certain mitigation procedures should always be practiced:
Implement monitoring and consider implementing intrusion detection so you know when you are attacked.
Have procedures for disaster recovery in place and make sure they work so you can recover from the worst possible turn of events.
Perform regular backups and store them off-site so you have the data you need for your disaster recovery procedures.
To continue your study of threat modeling, I recommend the following resources:
For a view of threat modeling through the eyes of a programmer, read Threat Modeling by Frank Swiderski