apache服务器安全防范（Apache server security）.docVIP

apache服务器安全防范（Apache server security） Apache server security The Pache server goes there and unix/linux goes right there, enough to show the good performance and market share of the Apache in the WEB server domain Today the Internet environment, web service has become the enterprise essential business, most of the security issues also follow, attack key also transferred to web attacks, many web services and valuable customers and electronic business activities together, this is also an important reason for attracting malicious attacks. First of all, to understand the security risks faced by Web HTTP denial of service attack The attacker by some means so that the server refused to HTTP response, the Apache of system resources (cup time and memory) the huge increase in demand, and ultimately cause the system to slow down or even completely paralyzed, the disadvantages of Apache server is the most common, it has become a target for all Apache server by DoS, every hour and moment are under threat of attack several 1. packet flood attack A method of interrupting a server or local network is a packet flood attack, which usually uses the Internet control message protocol (ICMP, a network layer protocol) Packets or UDP packets, in the simplest form, these attacks are the server or network overload, which means that the attackers network speed must be faster than the target host network speed, the use of the advantages of the UDP package is not going to have any packets back to the hackers computer (UDP to 17 times higher than the efficiency TCP), and using the advantage of ICMP package is the attacker can make the attack more rich and change, Sending a faulty package can mess up and lock up the victims network. The current trend is that the attacker cheats the server and believes it is being attacked by its own flood 2. disk attack This is a very moral attack, which not only affects the computer communication, but also destroy the hardware, the user request using forged wri