Loading...

A comprehensive approach to abusing locality in shared web hosting servers

Mirheidari, S. A ; Sharif University of Technology | 2013

408 Viewed
  1. Type of Document: Article
  2. DOI: 10.1109/TrustCom.2013.200
  3. Publisher: 2013
  4. Abstract:
  5. With the growing of network technology along with the need of human for social interaction, using websites nowadays becomes critically important which leads in the increasing number of websites and servers. One popular solution for managing these large numbers of websites is using shared web hosting servers in order to decrease the overall cost of server maintenance. Despite affordability, this solution is insecure and risky according to high amount of reported defaces and attacks during recent years. In this paper, we introduce top ten most common attacks in shared web hosting servers which can occur because of the nature and bad configuration in these servers. Moreover, we present several simple scenarios that are capable of penetrating these kinds of servers even with the existence of several securing mechanisms. Finally, we provide a comprehensive secure configuration for confronting these attacks
  6. Keywords:
  7. Convenient Phishing ; CSRF Token Poisoning ; Data Confidentiality Violation ; Data Integrity Violation ; Fast Brute Force ; Shared Web Hosting ; Brute force ; Data confidentiality ; Data integrity ; Intensive LFI ; Log Snooping ; Phishing ; Session Snooping ; Web hosting ; Computer programming ; Computer science ; Websites
  8. Source: Proceedings - 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2013, Melbourne, VIC; Australia ; July , 2013 , Pages 1620-1625 ; 9780769550220 (ISBN)
  9. URL: http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=6681025