Is it just “me” or can everyone else “see” the Internet is built on a house of cards ?!?

Web Servers use information passed along in the headers from your browser for such information as the referer and the remote IP address however that information can be faked pretty easily by just about anyone.

The core of your typical web server could know the “real” (and I use the term “real” here loosly) IP address of the client as the connection is being served.  Most typically however the core of the web server is something like Apache that separates the code being run by Apache from the mechanics of handling connections and this is pretty much what we all want from our web servers – separation from the mechanics of handing connections.

The problem with your typical web server is that it can be made to “think” it is connecting to a client of the client’s choosing.    Headers can be faked using a variety of techniques.  Browsers can be faked just as easily.  The web server could compare the contents of the packets that hit the web server and validate headers based on the information from the packets in realtime but this capability is just not being used.

This pretty much leaves the door open for hackers to do whatever they wish, for the most part, where small operations are concerned since most people are more or less unaware of how TCP/IP works from the perspective of the web server in relation to the web browser.

Want to fake some web hits to your click-per-view advertising providers ?  Not a problem, fake some headers and write some code and let it run 24 hours a day 7 days a week but… make the system that does this appear to be a human by clicking around on various links around the site.  Do you really think this is not being done in some circles ?!?

Perhaps larger organizations are using packet sniffers that validate packets in realtime however it would still not be all that difficult to forge packets and headers in concert to make it appear the packets are perfectly valid even though they are not at-all valid.

It’s an odd thing that so many companies around the world have placed their trust and faith in an area of technology that can be so easily manipulated as TCP/IP based technologies can.

The good news is that Vyper Logix Corp. has been working on resolving header forging issues in the form of Vyper-Proxy™.  Vyper-Proxy™ provides web server acceleration and header validation services to help resolve issues surrounding the forging of headers as suggested within this article.

Some time ago, in the labs at Vyper Logix Corp., it was discovered that Python could be used to accelerate the processing of Apache2 in relation to the handling of web requests using a technique that was rolled into Vyper-Proxy™.   Python is an odd choice for this sort of application because the general perception is that Python cannot be made to perform in this fashion however, as it turns-out, Python is the perfect choice.

Is your web server secure against hackers who can easily forge packets and headers ?  if not then maybe contact the folks at Vyper Logix Corp and ask them about how Vyper-Proxy™ could be made to make your web servers harder to hack.

Take a look at Vyper Logix Corp, the makers of Vyper-Proxy™.

Advertisements

About Ray C Horn
See my profile at http://www.linkedin.com/in/raychorn with more than 1286+ connections and growing all the time.

Comments are closed.

%d bloggers like this: