Apache Authors: Pat Romanski, Liz McMillan, Elizabeth White, Christopher Harrold, Janakiram MSV

Related Topics: Apache, Open Source Cloud

Apache: Article

Apache Worm Targets Secure Sites

Apache Worm Targets Secure Sites

An Internet worm is rapidly infecting Linux-on-Intel systems by exploiting a vulnerability lurking in a common security layer used by the Apache web server. Ironically, the worm can invade secure Apache servers because of a hole in Apache's Secure Socket Layer (SSL) data encryption module. SSL is used to hide sensitive information like financial transactions and corporate data from prying eyes. Non-SSL Apache servers are immune as are non-Intel machines.

Once the worm invades a system, it forms a peer-to-peer (P2P) network by listening for signals from other infected machines. Hackers can use the P2P network to launch a so-called distributed denial-of- service (DDOS) attack against other servers. A DDOS attack works by flooding a server with mangled TCP/IP packets that demand processing power to decipher. If an attack is successful, the machine becomes so overwhelmed with the network traffic it either crashes or stops responding to legitimate server queries.

The SSL vulnerability was first reported by the CERT Coordination Center security organization on July 30, but the worm didn't crop up until late last week. Last Friday the security firm Symantec, in effort to appear relevant to the epidemic, dubbed the worm the Linux.Slapper.Worm and issued a warning claiming 3,500 servers had been infected. It advised administrators to do the obvious: get an SSL module upgrade from their vendor.

It's unclear exactly how many servers vulnerable to the worm remain online, but web server survey firm Netcraft says that for some reason, administrators upgrade plain Apache servers faster than Apache/SSL servers, "perhaps because [the plain servers] receive more traffic, or because the [unsecured] HTTP service is the conduit favored by worm writers." Netcraft cites a general Apache vulnerability as evidence to the phenomena. Half of the 22 million Apache servers online use version 1.3.36, which fixes a well-known security hole. By contrast, only a quarter of the Apache SSL servers online have upgraded to version 1.3.36. - Curtis Lee Fulton

More Stories By Maureen O'Gara

Maureen O'Gara the most read technology reporter for the past 20 years, is the Cloud Computing and Virtualization News Desk editor of SYS-CON Media. She is the publisher of famous "Billygrams" and the editor-in-chief of "Client/Server News" for more than a decade. One of the most respected technology reporters in the business, Maureen can be reached by email at maureen(at)sys-con.com or paperboy(at)g2news.com, and by phone at 516 759-7025. Twitter: @MaureenOGara

Comments (2) View Comments

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.

Most Recent Comments
Mike Kobar 09/30/02 08:29:00 AM EDT

The Apache SSL security problem is caused by one (or more) OpenSSL security problems, which were detected and fixed in July.

The real problem here is one of not upgrading your code/systems/libraries/binaries when a significant security hole is discovered. The CERT repoert on the OpenSSL security problem did state that this could cause a huge Apache SSL problem and Apache Week also reported this fact.

If you don't keep up-to-date in the security world then you are asking for trouble, especially in the web server world.

Anne Ward 09/22/02 01:04:00 PM EDT

According to the Apache web site, the security problems are related to the OpenSSL source code used by applications on the web server, and not specific to the Apache HTTP server.

Please confirm that this is your understanding of the problem as well.


IoT & Smart Cities Stories
Predicting the future has never been more challenging - not because of the lack of data but because of the flood of ungoverned and risk laden information. Microsoft states that 2.5 exabytes of data are created every day. Expectations and reliance on data are being pushed to the limits, as demands around hybrid options continue to grow.
Dion Hinchcliffe is an internationally recognized digital expert, bestselling book author, frequent keynote speaker, analyst, futurist, and transformation expert based in Washington, DC. He is currently Chief Strategy Officer at the industry-leading digital strategy and online community solutions firm, 7Summits.
With 10 simultaneous tracks, keynotes, general sessions and targeted breakout classes, @CloudEXPO and DXWorldEXPO are two of the most important technology events of the year. Since its launch over eight years ago, @CloudEXPO and DXWorldEXPO have presented a rock star faculty as well as showcased hundreds of sponsors and exhibitors! In this blog post, we provide 7 tips on how, as part of our world-class faculty, you can deliver one of the most popular sessions at our events. But before reading...
Charles Araujo is an industry analyst, internationally recognized authority on the Digital Enterprise and author of The Quantum Age of IT: Why Everything You Know About IT is About to Change. As Principal Analyst with Intellyx, he writes, speaks and advises organizations on how to navigate through this time of disruption. He is also the founder of The Institute for Digital Transformation and a sought after keynote speaker. He has been a regular contributor to both InformationWeek and CIO Insight...
DXWorldEXPO LLC, the producer of the world's most influential technology conferences and trade shows has announced the 22nd International CloudEXPO | DXWorldEXPO "Early Bird Registration" is now open. Register for Full Conference "Gold Pass" ▸ Here (Expo Hall ▸ Here)
Bill Schmarzo, author of "Big Data: Understanding How Data Powers Big Business" and "Big Data MBA: Driving Business Strategies with Data Science" is responsible for guiding the technology strategy within Hitachi Vantara for IoT and Analytics. Bill brings a balanced business-technology approach that focuses on business outcomes to drive data, analytics and technology decisions that underpin an organization's digital transformation strategy.
@DevOpsSummit at Cloud Expo, taking place November 12-13 in New York City, NY, is co-located with 22nd international CloudEXPO | first international DXWorldEXPO and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time t...
The Internet of Things will challenge the status quo of how IT and development organizations operate. Or will it? Certainly the fog layer of IoT requires special insights about data ontology, security and transactional integrity. But the developmental challenges are the same: People, Process and Platform and how we integrate our thinking to solve complicated problems. In his session at 19th Cloud Expo, Craig Sproule, CEO of Metavine, demonstrated how to move beyond today's coding paradigm and sh...
CloudEXPO New York 2018, colocated with DXWorldEXPO New York 2018 will be held November 11-13, 2018, in New York City and will bring together Cloud Computing, FinTech and Blockchain, Digital Transformation, Big Data, Internet of Things, DevOps, AI, Machine Learning and WebRTC to one location.