Sec-260, Study Guide 2 - ConnorEast/Tech-Journal GitHub Wiki

Web Security Study Guide, 2.

Cryptology terms:

  • CIA + NR [Confidentiality, Integrity, Authentication, Non-repudiation]
  • Digital Signature [The use of Digital Certificates and hashes to confirm transfer location.]
  • Ciphers [Makes documents unreadable]
  • Keys [Variables that affect how a cipher is rotated]

Symmetric Encryption:

  • A single key is used to encrypt/decrypt data. This makes it faster and easier than asymmetric encryption.
  • The number of potential key values depends on the number of bits allotted: 8-bit = 256, 40-bit = 2^40.

Asymmetric Encryption:

  • Each system has one key for encryption and one key for decryption. It is more secure than symmetric encryption but slower.
  • Usually, after asymmetric encryption has taken place, a symmetric key is sent over the network in order to reduce the overhead on the network.

Hash Functions:

  • Hash functions are a one-way conversion that creates a signature for a block of data.
  • Computes a fixed-bit-length string from a data block.
  • The MD5 hash function creates a 128-bit hash.
  • SHA-1 creates a 160-bit hash.
  • SHA-2 creates 256- and 512-bit hashes.
  • Confirms that data has not been changed or misplaced.
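The bullets above give the fixed output sizes and the integrity use of a hash. The Go program below is an added example for this study guide, not code from the wiki; it uses only the standard library to show that each algorithm's output length is constant regardless of input size, and that a recorded digest no longer matches once a single character of the data changes. The sample strings are constructed for the demo.

```go
package main

import (
	"crypto/md5"
	"crypto/sha1"
	"crypto/sha256"
	"crypto/sha512"
	"crypto/subtle"
	"encoding/hex"
	"fmt"
	"hash"
)

// newHash maps the algorithm names used in the study guide to constructors.
func newHash(name string) hash.Hash {
	switch name {
	case "MD5":
		return md5.New()
	case "SHA-1":
		return sha1.New()
	case "SHA-256":
		return sha256.New()
	case "SHA-512":
		return sha512.New()
	}
	return nil
}

// Digest returns the hex digest of data under the named algorithm
// ("" for an unknown name).
func Digest(name string, data []byte) string {
	h := newHash(name)
	if h == nil {
		return ""
	}
	h.Write(data)
	return hex.EncodeToString(h.Sum(nil))
}

// DigestBits returns the fixed output length in bits, whatever the input size.
func DigestBits(name string) int {
	h := newHash(name)
	if h == nil {
		return 0
	}
	return h.Size() * 8
}

// Verify recomputes the digest of received data and compares it with the digest
// recorded for the original; the comparison is constant-time so the check itself
// does not leak how many leading characters matched.
func Verify(name, recordedDigest string, received []byte) bool {
	return subtle.ConstantTimeCompare([]byte(Digest(name, received)), []byte(recordedDigest)) == 1
}

func main() {
	original := []byte("transfer 100.00 to account 1234") // constructed sample data
	tampered := []byte("transfer 900.00 to account 1234") // one character changed
	for _, name := range []string{"MD5", "SHA-1", "SHA-256", "SHA-512"} {
		recorded := Digest(name, original)
		fmt.Printf("%-7s %3d bits  intact=%v tampered=%v\n", name, DigestBits(name),
			Verify(name, recorded, original), Verify(name, recorded, tampered))
	}
}
```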

Digital Certificates (ID cards):

  • Contains the subject name [device name], expiration date, certificate issuer and the issuer's digital signature. Sometimes also contains the public key.
  • Most common modern-day certificates follow the X.509 standard.
  • Used to secure web servers for HTTPS traffic.

Certificate Revocation/OCSP

  • Essentially, a device uses OCSP to send a welfare check to a certificate's OCSP responder, which responds with the certificate's status: "good", "revoked" or "unknown".

Digital Signatures

  • A confirmation of whether a message has or has not been tampered with.
  • Generated using asymmetric public-key technology.
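The following Go program is an added example for this study guide, not code from the wiki, and it serves both the Digital Certificates section above and these two Digital Signatures bullets. Using only the standard library, it generates an Ed25519 key pair, issues a self-signed X.509 certificate for a device, parses it back to show the fields the guide lists (subject, issuer, expiration date, public key) and checks the issuer's signature over the certificate; it then signs a plain message with the same private key and shows that verification with the public key fails once the message is altered. The device name and the invoice text are constructed for the demo.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// CertSummary holds the certificate fields listed in the study guide.
type CertSummary struct {
	Subject   string
	Issuer    string
	NotAfter  time.Time
	HasPubKey bool
	SigValid  bool // issuer's signature over the certificate body verifies
}

// Signer is a key pair that can both sign messages and issue a certificate.
type Signer struct {
	Pub  ed25519.PublicKey
	priv ed25519.PrivateKey
}

func NewSigner() (*Signer, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Signer{Pub: pub, priv: priv}, nil
}

// Sign produces a detached signature with the private key.
func (s *Signer) Sign(msg []byte) []byte { return ed25519.Sign(s.priv, msg) }

// Verify needs only the public key, so anyone can check but only the
// key holder can produce a valid signature.
func Verify(pub ed25519.PublicKey, msg, sig []byte) bool {
	return ed25519.Verify(pub, msg, sig)
}

// SelfSignedCert issues an X.509 certificate for deviceName, signed by s, and
// returns the DER encoding a client would parse. The template is its own
// parent, so issuer and subject are the same name.
func (s *Signer) SelfSignedCert(deviceName string, validFor time.Duration) ([]byte, error) {
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: deviceName},
		NotBefore:    time.Now().Add(-time.Minute),
		NotAfter:     time.Now().Add(validFor),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		DNSNames:     []string{deviceName},
	}
	return x509.CreateCertificate(rand.Reader, tmpl, tmpl, s.Pub, s.priv)
}

// Summarize parses DER bytes and verifies the issuer's signature with the
// public key carried inside the certificate, as a client does for a root.
func Summarize(der []byte) (CertSummary, error) {
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		return CertSummary{}, err
	}
	sigErr := cert.CheckSignature(cert.SignatureAlgorithm, cert.RawTBSCertificate, cert.Signature)
	return CertSummary{
		Subject:   cert.Subject.CommonName,
		Issuer:    cert.Issuer.CommonName,
		NotAfter:  cert.NotAfter,
		HasPubKey: cert.PublicKey != nil,
		SigValid:  sigErr == nil,
	}, nil
}

func main() {
	s, err := NewSigner()
	if err != nil {
		panic(err)
	}
	der, err := s.SelfSignedCert("web01.example.test", 365*24*time.Hour) // hypothetical device name
	if err != nil {
		panic(err)
	}
	sum, err := Summarize(der)
	if err != nil {
		panic(err)
	}
	fmt.Printf("subject=%s issuer=%s expires=%s pubkey=%v issuerSigValid=%v\n",
		sum.Subject, sum.Issuer, sum.NotAfter.Format(time.RFC3339), sum.HasPubKey, sum.SigValid)
	msg := []byte("invoice total: 100.00") // constructed sample message
	sig := s.Sign(msg)
	fmt.Println("genuine message verifies:", Verify(s.Pub, msg, sig))
	fmt.Println("altered message verifies:", Verify(s.Pub, []byte("invoice total: 900.00"), sig))
}
```

A real HTTPS certificate is signed by a separate issuer's key rather than its own, but the check a client performs is the same call over the certificate body with the issuer's public key.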

Web Server Definition

  • A system that stores, processes and sends websites to a user using HTTP/HTTPS. The system consists of a physical server, an operating system and software.

Client-side vs. Server-Side Scripting

  • Client-side scripting is scripting that is inserted directly into a website and/or application. The main issue with client-side scripting is that hackers/individuals can manipulate the client-side code in order to force XYZ to happen. Client-side scripting puts less pressure on the server side, which is why it is used regardless of its safety.
  • Server-side scripting is scripting that occurs on the server side. This decreases the number of attack vectors hackers have access to. The main issue with server-side scripting is that it puts more pressure on the server.
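The practical consequence of the two bullets above is that anything a client-side script checks must be checked again on the server, because the client's copy of the code and the form it submits are both under the user's control. The Go program below is an added example for this study guide, not code from the wiki; it exercises an order handler in-process with net/http/httptest (no server is started), and the catalogue, item name and form values are constructed for the demo.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"net/url"
	"strconv"
	"strings"
)

// Catalogue prices live on the server; the client never gets to set them.
var prices = map[string]int{"widget": 250} // price in cents, constructed sample data

// OrderHandler re-validates the quantity and recomputes the total from
// server-side data, so an edited page script or hand-built form cannot
// change what is charged.
func OrderHandler(w http.ResponseWriter, r *http.Request) {
	if r.Method != http.MethodPost {
		http.Error(w, "method not allowed", http.StatusMethodNotAllowed)
		return
	}
	price, ok := prices[r.FormValue("item")]
	if !ok {
		http.Error(w, "unknown item", http.StatusBadRequest)
		return
	}
	qty, err := strconv.Atoi(r.FormValue("qty"))
	if err != nil || qty < 1 || qty > 10 { // the same rule the page's script enforces
		http.Error(w, "quantity must be 1-10", http.StatusBadRequest)
		return
	}
	// A client-supplied "total" field is deliberately ignored.
	fmt.Fprintf(w, "charged %d cents", price*qty)
}

// Submit posts a form to the handler in-process and returns status and body.
func Submit(form url.Values) (int, string) {
	req := httptest.NewRequest(http.MethodPost, "/order", strings.NewReader(form.Encode()))
	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
	rec := httptest.NewRecorder()
	OrderHandler(rec, req)
	return rec.Code, strings.TrimSpace(rec.Body.String())
}

func main() {
	// Form as the page's own script would submit it.
	code, body := Submit(url.Values{"item": {"widget"}, "qty": {"2"}, "total": {"500"}})
	fmt.Println(code, body)
	// Form whose client-side quantity check was bypassed: rejected server-side.
	code, body = Submit(url.Values{"item": {"widget"}, "qty": {"-5"}, "total": {"1"}})
	fmt.Println(code, body)
	// Form with a falsified total: the server's own computation wins.
	code, body = Submit(url.Values{"item": {"widget"}, "qty": {"2"}, "total": {"1"}})
	fmt.Println(code, body)
}
```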

Apache Modules

  • Apache modules are services created for the Apache web server that are dynamically linked in order to change how a website functions (its nature). To view all enabled modules, use the "apache2ctl -M" command.

Apache Virtual Hosts

  • Apache virtual hosting is where multiple servers can be hosted under a single Apache web server. To learn more about this, see the week 7 Apache Virtual Host class activity.

Web Hardening Topics: Confidentiality, Integrity, Availability

Web Application Firewall

  • A web application firewall (WAF) is a network-, cloud- or host-based firewall added on to improve system integrity. It allows for better packet management and decreases specific attack vectors such as malicious HTTP requests.

Mod_Security Basics

Mod_Evasive

  • mod_evasive does what its name states: it is a module developed to be evasive, in that it can evade an HTTP DoS or DDoS attack, or a brute-force attack. One positive thing about mod_evasive is that it is also designed as a detection tool and as such can be configured to work with ipchains, firewalls, routers, etc. for even more protection.

IIS Basics