Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Web Server(Apache),


Published on

  • Be the first to comment

Web Server(Apache),

  1. 1. Web Server(Apache), Proxy Server(Squid) & Server Logs By Sanjay Kumar Malik Lecturer University School of IT GGS Indraprastha University Kashmere Gate, Delhi -110403
  2. 2. Contents <ul><li>Web Server and its types. </li></ul><ul><li>Apache Web Server. </li></ul><ul><li>Requirements for hosting web server. </li></ul><ul><li>How web server works. </li></ul><ul><li>Web server security. </li></ul><ul><li>Proxy server,Types, Advantages. </li></ul><ul><li>Network Devices. </li></ul><ul><li>Linux & Its features. </li></ul><ul><li>A few Linux commands. </li></ul><ul><li>Server log. </li></ul><ul><li>Network Security. </li></ul><ul><li>Anti-x. </li></ul><ul><li>Malicious Software (virus,worms,trojan horse). </li></ul><ul><li>GGSIPU Website updating through VPN </li></ul>
  3. 3. Webserver & it’s types <ul><li>A computer that delivers.serves Web pages. </li></ul><ul><li>Every Web server has an IP address and possibly a domain name. For example </li></ul><ul><li>A computer with appropriate configuration may be turned into a Web server by installing server software </li></ul><ul><li>There are many Web server software applications like commonly used are -: </li></ul><ul><li>Apache(Linux based) </li></ul><ul><li>IIS(Internet Information Services by Microsoft) </li></ul>
  4. 4. Apache Web Server <ul><li>Apache is developed and maintained by an open community of developers. </li></ul><ul><li>The first version of the Apache web server was created by Robert McCool. </li></ul><ul><li>The application is available for a wide variety of operating systems including Unix, FreeBSD, Linux, Solaris, Novell NetWare, Mac OS X, and Microsoft Windows but commonly used for Linux. </li></ul><ul><li>A free and open source software. </li></ul><ul><li>As of November 2005, Microsoft IIS (Internet Information Services) gained popularity, </li></ul><ul><li>Apache serves more than 50% of all websites. </li></ul>
  5. 5. Requirement for Hosting WebServer(WebSite). <ul><li>1.Registere a DOMAIN Name. </li></ul><ul><li>2.High Bandwidth. </li></ul><ul><li>3.Public IP Addresses. </li></ul><ul><li>4.HighEnd Server (Hardware) </li></ul><ul><li>5.HTML/PHP/ASP(Language to write static & interactive web pages) </li></ul><ul><li>Apache webserver/IIS. (s/w) </li></ul>
  6. 6. How Webserver works <ul><li>First the User enter in his/her Browser ( Internet Explorer/Netscape etc). </li></ul><ul><li>The Request goes to Proxy server which is providing internet facility. </li></ul><ul><li>Proxy Server then Forwards the Request( to ISP Domain(say MTNL). </li></ul><ul><li>ISP Domain contains list of all Web servers like, , etc. and forward the Request to appropriate Web Servers. </li></ul><ul><li>When the Request reaches at , it looks into its webpages directory to send back the desired webpage to the ISP(MTNL). </li></ul><ul><li>ISP then forwards the webpage to Proxy server. </li></ul><ul><li>Finally Proxy server sends the Request back to the original client from where is originated. </li></ul> ISP Domain Proxy server Note:-For Home users, request will go directly to ISP since home users don’t use proxy servers .
  7. 7. Web Server Security <ul><li>HTTPS stands for Hypertext Transfer Protocol over Secure Socket Layer, or HTTP over SSL. </li></ul><ul><li>HTTPS encrypts and decrypts the page requests and page information between the client browser and the web server using a secure Socket Layer (SSL, like a Tunnel). </li></ul><ul><li>HTTPS by default uses port 443 as opposed to the standard HTTP port of 80. </li></ul><ul><li>SSL transactions are negotiated by means of a keybased encryption algorithm between the client and the server, </li></ul><ul><li>This key is usually either 40 or 128 bits in strength (the higher the number of bits , the more secure the transaction). </li></ul>
  8. 8. Proxy Server,Advantages & Types(Squid & Others) <ul><li>A proxy server is a server (an application program) which serves the requests of its clients by forwarding requests to other servers. </li></ul><ul><li>Advantages:- </li></ul><ul><li>Provide internet access to its clients. It’s a centralize server for managing internet. Provide Monitoring services. Reduce the workload of router (client don’t connect to router directly). Proxy hides the clients from outside world. </li></ul><ul><li>Squid (Linux based), ISA (Microsoft), Wingate (windows based). </li></ul><ul><li>Squid is free and work on Linux. It doesn’t require high end servers. It provide blocking, filtering, monitoring services and other features. </li></ul>Clients Proxy Server WAN Link LAN Cables
  9. 9. Networking Devices <ul><li>Router:- It connects internal network to the external network. Works as a gateway for a network. Any computer which want to access a computer outside of its network has to use a Router. </li></ul><ul><li>Features/specifications/commands:- </li></ul><ul><li>Router provide security/authentication/monitoring .It provide connectivity between two different LAN, one LAN to WAN & WAN to WAN. </li></ul><ul><li>Router comes with RAM, Flash Memory, OS, Physical port (Serial/Ethernet). </li></ul><ul><li>Cisco has following series of router:-1600,1700,1800,2400,2600,2800 etc. </li></ul><ul><li>Connecting to a router(commands):- #sh run : to show current config. To change password:- #enable ; #config (to go to config mode) ; #line console 0 ;#login #password cisco ; #end #exit (to exit) </li></ul>
  10. 10. Switches 1. A Network device. Provides connectivity to all machines. Basically a centralize device with intelligence to forward data. Generally , superior than hubs. It maintains a table by which it takes decision to forward data. It has speed of upto 1000 mbps. It comes with 8port,16port,24port,48port,72port and so on) <ul><li>MODEMS </li></ul><ul><li>Modems(Modulator – Demodulator) are used to convert analog signals to digital signals and vice versa. Basically it’s converter. </li></ul><ul><li>Cables </li></ul><ul><li>FiberOptics:- It has speed upto 40000Mbps.Signals flow in lights form. Can cover 1000 mtr. Data travels with speed of light. </li></ul><ul><li>UTP:- It has speed up to 1000Mpbs,signals flow in digital form.cover upto 100 mtr . </li></ul><ul><li>Co-axial cable:- it has upto 100Mbps,can cover 100 mtr. </li></ul>
  11. 11. Linux Introduction & features <ul><li>Linus Benedict Torvalds was a second year student of Computer Science at the University of Helsinki . </li></ul><ul><li>Linux Torvalds wanted to create a Free/Open Source OS. </li></ul><ul><li>In 1991 he created the kernel(main part of OS) for Linux. </li></ul><ul><li>Then he called several volunteer programmers across the world to participate in developing a free OS like Linux. </li></ul><ul><li>Earlier he was using MINIX which has limitations. </li></ul><ul><li>So he decided to devolope linux for enterprise/home users. </li></ul><ul><li>Linux Features </li></ul><ul><li>1.Linux is free/open source(source codes are freely available). </li></ul><ul><li>2.Linux doesn’t require high end machines to start with. </li></ul><ul><li>3.Linux can be installed on 80286(first computer series). </li></ul><ul><li>4.Linux is Multitasking/Multiuser OS. </li></ul><ul><li>5.Linux is more secure than windows. </li></ul><ul><li>6.Linux is more stable and reliable. </li></ul><ul><li>7.Linux doesn’t cost too much.(support isn’t free). </li></ul><ul><li>8.Now Linux support various software like windows and coming with GUI features. </li></ul>
  12. 12. A few Linux commands Commands Description touch create new file mkdir create new dir. vi to edit file. cd change dir. cp copy file/dir. mv move file/dir rm remove file. rmdir remove dir. date view date. cal view calendar. bc view calculator. Init -0 shutdown the machine.
  13. 13. Server Logs <ul><li>Server log are basically records which indicated what had happened in a server. </li></ul><ul><li>Logs gather the information about IP & Services on a server. </li></ul><ul><li>Every Services running on server has its own server logs. </li></ul><ul><li>Apache has it logs under dir /var/log/httpd/access.log #samle is attached. </li></ul><ul><li>Squid has its logs under dir /var/log/squid/access.log #sample is attached. </li></ul> Squid logs 1209105932.207 3 TCP_IMS_HIT/304 303 GET - NONE/- application/x-javascript 1209105931.658 7 TCP_MEM_HIT/200 1212 GET - NONE/- image/jpeg1208855587.146 5561 TCP_MISS/302 553 GET / - DIRECT/ text/html1208855687.590 712 TCP_MISS/302 572 GET - DIRECT/ text/html Apache Logs( - - [22/Apr/2008:09:47:21 +0530] &quot;GET /webmail/src/style.php?themeid=default_theme&templateid=default HTTP/1.1&quot; 200 5627 &quot; &quot; &quot;Mozilla/5.0 (X11; U; Linux i686; en-US; rv: Gecko/20080404 Firefox/; - - [22/Apr/2008:09:12:14 +0530] &quot;GET /webmail/src/style.php?themeid=default_theme&templateid=default HTTP/1.1&quot; 200 5627 &quot; &quot; &quot;Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Embedded Web Browser from:; - - [22/Apr/2008:09:47:21 +0530] &quot;GET /webmail/src/login.php HTTP/1.1&quot; 200 2363 &quot; /&quot; &quot;Mozilla/5.0 (X11; U; Linux i686; en-US; rv: Gecko/20080404 Firefox/;
  14. 14. Network Security <ul><li>A.What is Network security? </li></ul><ul><li>Network security is the process of preventing and detecting unauthorized use of your Network. Prevention measures help you to stop unauthorized users (also known as &quot;intruders hackers, attackers, or crackers&quot;) from accessing any part of your computer system. </li></ul><ul><li>Intruders may be able to watch all your actions on the computer, or cause damage to your computer by reformatting your hard drive or changing your data. </li></ul><ul><li>Types of Attacks: </li></ul><ul><li>Dos (Denial of Services):- Attackers often flood lot of unwanted packets to a servers and cause the server to process them. As a result server get busy handling them and might come to a crash. </li></ul><ul><li>Phishing:- It’s latest attack. Hacker creates a clone website of an authorized bank’s websites. When any user access that authorized bank’s website, the clone website comes up in place of the original and user insert all his accounts details which is actually going to a hacker. </li></ul><ul><li>Social Networking:-Hackers often develop friendship with IT administrator so that they can get valuable information about their network and perform the desirable task. </li></ul>
  15. 15. Securing Networks <ul><li>Today, there are lots of methods for securing a network. Following are examples. </li></ul><ul><li>Firewalll </li></ul><ul><ul><li>Firewall is a network security device. </li></ul></ul><ul><ul><li>Firewall may be both software (iptables, windows firewall,shorewall)/hardware device.(cisco pix,cisco ASA, cyber-roam) </li></ul></ul><ul><ul><li>Firewall works like a wall to secure a network </li></ul></ul><ul><ul><li>Firewall checks every incoming/outgoing packet through network. </li></ul></ul><ul><ul><li>Firewall, according to the set rules allow authorized packet to pass through </li></ul></ul><ul><ul><li>Firewall helps deny, DoS, Phishing, Spams.Access attacks etc. </li></ul></ul><ul><li>IDS/IPS(Instrusion Detection Systems and Prevention Systems) </li></ul><ul><li>IDS/IPS is a hardware devices. </li></ul><ul><li>IDS/IPS work as final resource for detecting a threat,attack. </li></ul><ul><li>It is much advance technique for detecting/preventing attacks. </li></ul><ul><li>It detect these threats by watching for trends, looking for attacks that use particular patterns of messages. </li></ul>
  16. 16. Anti-X <ul><ul><ul><li>Apart from using firewall and IPS/IDS there other technique that can be used to prevent virus/attacks/threat. Anti-X(X refer to various sub name of Anti) </li></ul></ul></ul><ul><ul><ul><li>Anti-Virus: Scans networks traffic to prevent the transmission of known viruses based on virus signatures. Scan for viruses, detect them and delete them. </li></ul></ul></ul><ul><ul><ul><li>Anti-Spyware: Scan network traffic to prevent the transmission of spyware programs. </li></ul></ul></ul><ul><ul><ul><li>Anti-Spam: Examines e-mail before it reaches the users, deleting or segregating junk e-mail. </li></ul></ul></ul><ul><ul><ul><li>Anti-Phishing: Monitors URLs sent in messages through the network, looking for the fake URL, inherent in Phishing attacks, preventing the attack from reaching the users. </li></ul></ul></ul><ul><ul><ul><li>URL-Filtering: Filters web traffic based on URL to prevent users from connecting to inappropriate sites. </li></ul></ul></ul><ul><ul><ul><li>E-mail Filtering: Provides anti-spam tools. Also filters e-mails containing offensive materials, potentially protecting the Enterprise from lawsuits. </li></ul></ul></ul>
  17. 17. A few NetworkingTools <ul><ul><ul><li>GFI LANGuard </li></ul></ul></ul><ul><ul><ul><ul><li>GFI LANguard Network Security Scanner (N.S.S.) is an award-winning solution that allows you to scan, detect, assess and rectify any security vulnerabilities on your network. </li></ul></ul></ul></ul><ul><ul><ul><li>Packet Trap </li></ul></ul></ul><ul><ul><ul><ul><li>The PacketTrap pt360 Tool Suite PRO consolidates dozens of network management and monitoring tools into a single, integrated interface. For more information visit: http:// </li></ul></ul></ul></ul>OPManager - OPManager is a network monitoring software that can automatically discover our network, group your devices into intuitive maps, monitor devices in real-time and alert instantaneously on failure. IPAudit IPAudit can be used to monitor network activity for a variety of purposes. It has proved useful for monitoring intrusion detection, bandwith consumption and denial of service attacks. . For more informations visit: Ethereal (Packet sniffer ) WireShark (packet sniffer) NMAP (port scanner) MRTG ( Multi-route traffic generator) Spamassassin (Mail Filter) VNC (Remote desktop)
  18. 18. Malicious Software Is a software that is intentionally included or inserted in a system for a harmful purpose. Virus :-Computer viruses are small software programs that are designed to spread from one computer to another and to interfere with computer operation. Effects of Virus :- 1.A virus might corrupt or delete data on your computer. 2.Due to virus drives are not opened. 3.Slows down the speed of the system. 4.Taskmanager is Disabled.
  19. 19. Threats other than virus <ul><li>Worm :- A computer worm is a self-replicating computer program. It uses a network to send copies of itself to other nodes and it may do so without any user intervention. </li></ul><ul><li>Trozan Horse :- Trojan horse is a piece of software which appears to perform a certain action but in fact performs another such as a computer virus. </li></ul><ul><li>Spyware :- Spyware is software that performs actions such as creating unsolicited pop-ups, hijacks home/search pages, or redirects browsing results. </li></ul>
  20. 20. Antivirus <ul><li>“ Antivirus&quot; is protective software designed to defend your computer against malicious software or &quot;malware&quot; includes: viruses, Trojans, etc. </li></ul><ul><li>Examples:- </li></ul><ul><li>Symantec antivirus. </li></ul><ul><li>Trend micro. </li></ul><ul><li>Mcafee antivirus. </li></ul><ul><li>Panda antivirus etc. </li></ul>
  21. 21. How to use antivirus <ul><li>Install antivirus software on the computer. </li></ul><ul><li>Update the virus definitions through internet. </li></ul><ul><li>Download security patches from internet. </li></ul><ul><li>Run security patch. </li></ul><ul><li>Full Scan the system. </li></ul><ul><li>Check the scan history of the system. </li></ul><ul><li>Restart the system. </li></ul>
  22. 22. Symantec Antivirus Corporate Edition <ul><li>Centralized management and administration. </li></ul><ul><li>Effective protection from spyware and adware. </li></ul><ul><li>Protecting users from viruses that attempt to disable security measures. </li></ul><ul><li>Virus protection and monitoring from a single management console. </li></ul><ul><li>Backed by Symantec Security Response, the world’s leading Internet security research and support organization </li></ul>
  23. 23. Management of Symantec Antivirus in Indraprastha University <ul><li>There is a centrally managed antivirus server which is managing networked clients in the campus. </li></ul><ul><li>It pulls latest virus definition files from symantec web server and push the virus definitions on the managed clients. </li></ul><ul><li>Antivirus server check regularly managed clients. </li></ul><ul><li>It scans the all managed clients in the given schedule time by the antivirus server. </li></ul><ul><li>No need of manual scan on client side. </li></ul><ul><li>No need to update definition on client side manually. </li></ul>
  24. 24. GGSIPU Website Updating through VPN <ul><li>Install VPN Client Software & configure VPN Certificate by following instructions given by NIC </li></ul><ul><li>Click Start -> Programs -> Cisco Systems VPN Client -> VPN Client </li></ul><ul><li>Select VPN Certificate & click on ‘Connect’ & enter login & password </li></ul><ul><li>Now you logon in NIC Server </li></ul><ul><li>Open Internet Explorer & enter ftp url e.g. ftp:// </li></ul><ul><li>Right click and enter login & password </li></ul><ul><li>Web Server Window containing files & folder open </li></ul><ul><li>Now to upload any file or folder just use copy & past in desired folder </li></ul><ul><li>Note: Take care of correct path, deleting, or overriding any files / folders </li></ul><ul><li>Thank You. </li></ul>