Summary of IoT Sessions at 2015 GSA Silicon Summit – Part I
# service httpd restart (RHEL/CentOS/Fedora)# service apache2 restart (Debian/Ubuntu)
2.Disable Directory Listing :-
If file access permissions on a web server are not properly defined, it could become possible to view a directory listing of the server. This can reveal confidential information which could be exploited by malicious users.
By default Apache list all the content of Document root directory in the absence of index file. Please see the image below.
We can turn off directory listing by using Options directive in configuration file for a specific directory. For that we need to make an entry in httpd.conf or apache2.conf file.
<Directory /var/www/html> Options -Indexes </Directory>
Disable Directory Listening with Checkpoint GAIA :-
Navigate to IPS Software blade > Protection > By Protocol > Web Intelligence > Information disclosure > Double-click on the Directory Listening and choose your protection profile and in Action menu select prevent.
This protection identifies web pages containing directory listings and blocks them. When the attack is blocked, a customizable web page can be displayed.
To provide optimal detection sensitivity, three levels of protection are available: Low, Medium and High. The protection level can be selected for all HTTP traffic in the protection’s profile-specific settings, or it can be selected individually to each Web server through each server object’s Web Server > Protections page.
3. Keep updating Apache Regularly
Apache developer community is continuously working on security issues and releasing itsupdated version with newsecurity options. So It is always recommended to use the latest versionof Apache as your web server.
To check Apache version: You can check your current version with httpd -v command.
# httpd -v
gfi endpoint security usb 3 endpoint security 2016