countermeasures, tools, and eye-opening case studies. Covers theÂ web commerce playground, describingÂ web languages and protocols,Â web and database servers, and payment systems. Softcover. Great Book forÂ Web Developers or Administrators This book is great if you develop websites, especially if you maintain a webserver. I am fairly well versed on basic security measures, but there was alot of [...]
Worries that the notorious Conficker worm will somehow rise up and devastate the Internet on April 1 are misplaced, security experts said Friday. Conficker is thought to have infected more than 10 million PCs worldwide, and researchers estimate that several million of these machines remain infected. If the criminals who created the network wanted to, [...]
As April Fool’s Day draws closer, Windows XP and Windows 2000 users are being advised by security experts to brace themselves against the third variant of the deadly Conficker worm which may begin a new cycle of spreading spam, stealing data or carrying out online scams. Conficker, a new breed of self-updating PC worms that [...]
Sometime it is necessary to block incoming connection or traffic from specific remote host. iptables is administration tool for IPv4 packet filtering and NAT under Linux kernel. Following tip will help you to block attacker or spammers IP address. Â The blocklist is create with an API I wrote and you can use wget to update [...]
Data Execution Prevention (DEP) is a Windows Vista security feature that can help prevent damage to your computer from viruses and other security threats by monitoring your programs to make sure that they use system memory safely. If DEP notices a program on your computer using memory incorrectly, it closes the program and notifies you. [...]
Â xinetd, the eXtended InterNET Daemon, is an open-source daemon which runs on many Linux and Unix systems and manages Internet-based connectivity. It offers a more secure extension to or version of inetd, the Internet daemon. xinetd performs the same function as inetd: it starts programs that provide Internet services. Instead of having such servers started [...]
When you connect to a MySQL server, you should use a password. The password is not transmitted in clear text over the connection. Password handling during the client connection sequence was upgraded in MySQL 4.1.1 to be very secure. If you are still using pre-4.1.1-style passwords, the encryption algorithm is not as strong as the [...]
Priority: HIGH Impact: Potential for database corruption or malware to be distributed to website visitors. Resolution: Verify blocking policy in web application firewall. Remediate the following web application and database flaws: 1.Â Poor/missing input validation of user-supplied data in the web application. 2.Â Poor/missing output encoding of user-supplied data. 3.Â Improper database permissions and/or SQL query construction. Who: [...]
Black Lists are used in the context of email to define the IP addresses or netblocks of well known sources of SPAM. DNSBL defines a method of using standard DNS zone files to store such IP addresses. Standard DNS A RR queries are used to interrogate the black list which is organised as a reverse [...]
I wrote my own snort rule to detect and block brute forcing and sending spam through the web mail (It will only block if you have snortsam properly setup). This rule blocks anyone that does an HTTP POST more than 20 times within 10 seconds (I believe it is a ratio – average of 2 [...]
If you use a computer, read the newspaper, or watch the news, you will know about computer viruses or other malware. These are those malicious programs that once they infect your machine will start causing havoc on your computer. What many people do not know is that there are many different types of infections that [...]
There may come a time when you unfortunately need to ban someone from visiting your website completely. This is very easy to do using htaccess and can be useful if there is a spammer or disgruntled member attacking your site (something which unfortunately happens a lot to forum and blog owners).
On August 18, 2003, the Microsoft Product Support Services Security Team issued an alert to inform customers about a new worm. A worm is a type of computer virus that generally spreads without user action and that distributes complete copies (possibly modified) of itself across networks (such as the Internet). Generally known as “Nachi,” this new worm exploits the vulnerabilities that were addressed by Microsoft Security Bulletins MS03-026 (823980) and MS03-007 (815021) to spread itself over networks by using open Remote Procedure Call (RPC) ports or the World Wide Web Distributed Authoring and Versioning (WebDAV) protocol that is supported by Internet Information Server (IIS) 5.0.
In computer security, it quickly becomes apparent that preventing computer attacks is much more challenging than attacking computers. A good example of an easy technique to prevent a website from functioning is a distributed denial of service, or DDoS, attack in which a number of compromised computers around the internet make web (or other protocol) [...]
Fighting spam email is a worldwide daily combat challenge. Email spam fight is just another daily server wide monitoring function of any sysad administering those email servers. Global spam email attacks and happens everyday regardless of country, server setup, domains, geolocation and public IP address you might have. Take a look of the top country [...]