Recommendations of the MDAI of the RK on ensuring the information security of Internet resources

In connection with the dissemination in the media of information about the identified vulnerabilities of Kazakhstan’s Internet resources, the Ministry of Defense and Aerospace Industry of the Republic of Kazakhstan (MDAI of the RK) recommends taking timely measures to counter threats to information security.

The basis for ensuring the information security of an Internet resource is ensuring the highest possible level of security of the server on which it is hosted. A web server is a complex software stack, each component of which is exposed to a variety of attack methods.

Web server attacks can be divided into two categories: local and global. Local attacks are usually aimed at stealing information from, or taking control of, a single web server. Global attacks usually target several websites at once and aim to infect all of their visitors. Even if a malicious program cannot be run on the server itself, it can still be delivered to website visitors as ordinary content, since attackers often upload such programs using PHP or ASP scripts, which removes the need to infect the web server's operating system.

To ensure the security of the web server, the following is recommended first of all:

– systematically install the latest security updates for the operating system;

– regularly update all software running on the web server;

– use an SSL certificate so that the resource is accessed only over HTTPS;

– remove software that is not among the necessary components of the Internet resource;

– disable unused services that are installed by default (for example, FTP or SMTP) and all unused server extensions;

– disable directory browsing if it is not necessary, because it allows visitors to see which files the system uses;

– deny access to resources by default, enabling only the functionality that is actually required;

– keep a log of all requests and analyse it periodically, preferably with automatic notifications configured for suspicious activity;

– install a firewall.

For applications running on the server as components of the Internet resource, it is suggested that the following requirements be met:

– do not run applications and services (including system ones) with administrator rights;

– set access permissions (access control lists) on all resources required by the application;

– use the settings with the minimum permission level (for example, make files read-only if this is acceptable for the application);

– store web application files in a folder under the application root;

– do not let users specify paths to application files, which prevents them from reaching the server root.

For the execution environment of the script portion of the Internet resource (PHP or ASP), the following recommendations should be adhered to:

– set the register_globals directive to off;

– set the safe_mode directive to on;

– set the open_basedir directive to the base directory the scripts are allowed to access;

– set the display_errors directive to off;

– set the log_errors directive to on;

– set the allow_url_fopen directive to off.
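The directives listed above can be checked against a server's php.ini. The script below is an added example, not part of the ministry's recommendations: it parses a constructed php.ini sample, compares the five boolean directives with the recommended values, checks that open_basedir is set, and flags register_globals and safe_mode as obsolete because both were removed in PHP 5.4. The document root path in the sample is hypothetical.

```python
# Added example: audit a php.ini against the six recommendations above (sample input is constructed).
RECOMMENDED = {"register_globals": "off", "safe_mode": "on", "display_errors": "off",
               "log_errors": "on", "allow_url_fopen": "off"}
# Removed in PHP 5.4, so on newer PHP these directives are not available as controls and
# their presence in php.ini signals an outdated configuration rather than protection.
REMOVED_IN_5_4 = {"register_globals", "safe_mode"}

def _clean_value(raw):
    """Unquote a php.ini value and drop a trailing ';' comment."""
    raw = raw.strip()
    if raw.startswith('"'):
        end = raw.find('"', 1)
        return raw[1:end] if end != -1 else raw[1:]
    return raw.split(";", 1)[0].strip()

def parse_php_ini(text):
    """Return {directive: value} from php.ini text, ignoring ';' comments and [sections]."""
    settings = {}
    for line in text.splitlines():
        line = line.strip()
        if line and line[0] not in ";[" and "=" in line:
            key, value = line.split("=", 1)
            settings[key.strip().lower()] = _clean_value(value)
    return settings

def audit_php_ini(text, php_version=(7, 4)):
    """Return {directive: status} with status ok, weak, missing, obsolete or n/a."""
    settings = parse_php_ini(text)
    report = {}
    for directive, wanted in RECOMMENDED.items():
        if directive in REMOVED_IN_5_4 and php_version >= (5, 4):
            report[directive] = "obsolete" if directive in settings else "n/a"
        elif directive not in settings:
            # Unset directives take PHP's compiled-in default, On for display_errors and allow_url_fopen.
            report[directive] = "missing"
        else:
            actual = "on" if settings[directive].lower() in ("1", "on", "true", "yes") else "off"
            report[directive] = "ok" if actual == wanted else "weak"
    # open_basedir has no single right value; the recommendation is that a base directory be set.
    report["open_basedir"] = "ok" if settings.get("open_basedir") else "missing"
    return report

# Constructed sample of an under-hardened php.ini; the document root path is hypothetical.
SAMPLE_INI = """[PHP]
display_errors = On          ; shows stack traces and file paths to visitors
log_errors = On
allow_url_fopen = On
open_basedir = "/var/www/example.kz:/tmp"
safe_mode = Off              ; ignored by PHP 5.4 and later
"""
```

Running `audit_php_ini(SAMPLE_INI)` reports display_errors and allow_url_fopen as weak, safe_mode as obsolete, and the remaining directives as ok or n/a.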

For the other components of the Internet resource (CMS, services, applications), follow the general recommendations for protection at the software level.

At the same time, the Ministry of Defense and Aerospace Industry of the Republic of Kazakhstan reminds that, under current legislation, owners of informatization objects, as well as their users, are obliged to implement measures to protect information objects.

In addition, in the event of an information security incident, the RSE “State Technical Service” must be notified.

For reference: vulnerabilities in software, including the software used to build Internet resources, are quite common; they are offset by the speed with which technical support responds.

More than 120 000 domain names have been registered in the Kazakhstan segment.