This article solely relates to the the insecurities that remain in the XML schema defined for any web server that relates to peculiar web servicing application. This is actually based on the AJAX framework as the xml specification act as an interface to server objects. The interface which is being provided by the xml schema directly configures the server on the fly which is dependent on the specific service providing servlet. The wrong schema in the web.xml or the index.xml provide leads to the origin of the web attack base that really disrupts the functioning of the server which further results in leveraging information. I am going to discuss the schema designing and relative effects if it is not configured properly.Write Comment |
|
When possible use secure connection methods as opposed to insecure methods. Unless you are required to use telnet, substitute ssh (Secure SHell) in for rsh or telnet. Instead of POP3 or IMAP use SPOP3 or SIMAP (IMAPS). Both SIMAP and SPOP3 are just versions of IMAP and POP3 running over an SSL (Secure Socket Layer) tunnel.Write Comment |
|
|
TCP_SYNCookies
|
22 August 2006
|
|
A SYN-flood attack has the ability to bring the network aspect of your linux box to a snail-like crawl. TCP_SYNCookies protection attempts to stop this from taking a heavy toll on the machine. To enable tcp_syncookies protection, use the following command:
echo 1 > /proc/sys/net/ipv4/tcp_syncookies
Write Comment (1 Comments) |
|
To turn on spoof protection, run a simple bash script:
for i in /proc/sys/net/ipv4/conf/*/rp_filter; do echo 1 > $i done;
Be careful to remember that it drops packets more or less 'invisibly'.Write Comment |
|
To find out the .Xauthority magic cookie looks like and to send it (authorization information) to the remote host, use the following command:
xauth extract - $DISPLAY | ssh storm xauth merge -
Now the user who ran this command on the original host can now run xcilents on storm. xauth needs to be present on both hosts.Write Comment |
|
|
|
<< Start < Prev 1 2 3 Next > End >>
|
| Results 10 - 18 of 30 |