CSC

CRIPTOGRAFIE ȘI SECURITATE CIBERNETICĂ

Laborator

6. Securitatea comunicațiilor web

Securitatea comunicațiilor web

HTTPS - HTTP Secure

HTTP over SSL - Secure Sockets Layer

HTTP over TLS - Transport Layer Security

---

1. Servicii vizate
   
   
   • HTTP
   • configurare de bază (serviciu web)
   • configurare securitate (SSL/TLS)

     
     

     ---

2. Router Linux
   
   
   
   • Conectare către un Router Linux
     
     (folosind aplicația putty)

IP: 172.20.1.32
user: userRCC
pass: router RCC

• Obținere drepturi de administrare

  comanda: su -

  pass: router labRC

  ---

• Configurare servicii

HTTPD
apache

mcedit /etc/httpd/conf/httpd.conf

 

 

Activare SSL (conf.d/ssl.conf)

apache

SSLEngine on
SSLCertificateKeyFile ...
SSLCertificateFile ...

 

control serviciu

service httpd status|start|stop|restart

manual de utilizare server apache

http://adresaserverweb/manual/

sectiunea SSL

http://adresaserverweb/manual/ssl/

 

---

Self-signed SSL Certificate

Generare self-signed SSL Certificate (How-TO)

• How do I create a self-signed SSL Certificate for testing purposes?
• How do I create a real SSL Certificate?

Generare cheie privata

openssl genrsa -des3 -out server.key 1024

cat server.key

Generearecerere certificat

openssl req -new -key server.key -out server.csr

cat server.csr

Eliminare parola solicitata la restart serviciu

cp server.key server.key.org
openssl rsa -in server.key.org -out server.key

cat server.key

Generare certificat (local)

openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

cat server.crt

---

Real SSL Certificate

Solicitari certificate de securitate către Autorități de certificare

SOLUȚII Free

Let's Encrypt (letsencrypt.org)

SSL For Free - Free SSL Certificates in Minutes

Free SSL Certificates and SSL Tools - ZeroSSL

Free SSL - SSL.com

 

!!! FQDN: rcc.usv.ro




---

 

Captura pachete HTTP HTTPS

- tcpdump pe sever

- Wireshark pe statia client

Urmarire fisiere de evenimente (log-uri server web)

- tail -f /var/log/httpd/access_log

- tail -f /var/log/httpd/error_log

Configurare Apache httpd (Fedora Linux 35)

Apache httpd : Install

Apache httpd : Virtual Hostings

Apache httpd : SSL/TLS Setting

Apache httpd : Enable Userdir

Apache httpd : Use CGI Scripts

Apache httpd : Use PHP Scripts

Apache httpd : Basic Authentication

Apache httpd : Configure WebDAV

Apache httpd : Basic Auth + LDAP

Apache httpd : Configure mod_md

Mirror

Referinte

Ruter - Wikipedia

Apache (server) - Wikipedia

Server World - Build Network Server (server-world.info)

... Realizati configurarea unei versiuni de server WEB Microsoft (IIS)