Chapter 11. Unix Application Servers
Application servers are an obvious target for an attacker. They are often a central repository for all manner of data, be it authentication credentials, intellectual property, or financial data. Being so data rich provides an obvious point for a financially motivated attacker to monetize his attack, and for a politically motivated attacker to steal, destroy, or corrupt data.
Of course in a system architected to have many tiers, application servers may not contain data; however, they will contain application code and serve as an ideal pivot point to other systems. They are typically connected to other systems, such as databases, which places a target on the application servers.
For these reasons we should seek to ensure that the servers are built both to perform their desired function with specification and to withstand an attack.
It is always recommended that the infrastructure surrounding an application be configured to defend the server from attack. However, ensuring that a server is as well-defended as possible in its own right is also strongly advised. This way, in the event that any other defensive countermeasures fail or are bypassedâfor example, by an attacker using lateral movement from within the infrastructureâthe server is still defended as well as is sensibly possible.
The essentials for Windows-based platforms have already been described in Chapter 1, so this chapter will focus on Unix platforms such as Linux, FreeBSD, and ...
Get Defensive Security Handbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
