Chapter 11. Unix Application Servers

Application servers are an obvious target for an attacker. They are often a central repository for all manner of data, be it authentication credentials, intellectual property, or financial data. Because they are typically so data rich, they are appealing to both financially motivated attackers looking for ways to monetize their attack and politically motivated attackers looking to steal, destroy, or corrupt data.

Of course, in a system architected to have many tiers, application servers may not contain data; however, they will still contain application code and are typically connected to other systems, such as databases. This means they serve as an ideal pivot point to other systems, which also places a target on the application servers.

For these reasons, we should seek to ensure that these servers are built both to perform their desired function to the required specification and to withstand an attack.

It is always recommended that the infrastructure surrounding an application be configured to defend the server from attack. However, ensuring that a server is as well defended as possible in its own right is also strongly advised. This way, in the event that any other defensive countermeasures fail or are bypassed—for example, by an attacker moving laterally within the infrastructure—the server is still defended as well as is sensibly possible.

The essentials for Windows-based platforms were covered in Chapter 10, so this chapter will focus ...
