LinuxSecurity.com
Network Security
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.



Web Application Security: Input Validation  01 July 2008 
Source: lxer.com - Posted by Bill Keys   
In this installment, I will cite an example of automated email code designed for another purpose. Nonetheless, I see it is a critical step to confirm the validity of the form's input. Moreover, unless and until I have received the expected human confirmation, that input is left in limbo [1.]. This is another means to prevent spurious, but uncaught data inputs. Thus, this limited human energy expenditure is a high return investment. This article looks at the important security practice of web application input validation. Every time you take input from your web application, a check needs to be executed before your software does anything to that data. Do you have any tips for checking your user's input data for malicious data?

Fight Phishing From The Unix Or Linux Command Line  30 June 2008 
Source: linuxshellaccount - Posted by Bill Keys   
This weekend, we're going to look at a little something (actually a HUGE something) that we all seem to have to deal with now (through email, IM, etc). It's called phishing and, for lack of a better explanation, it's a fraudulent way for a malicious individual, or group, to get username and password information from you using deceptive practices (was that redundant? ;) It's most commonly used to get information regarding a person's online bank accounts, credit card/mortgage management information, etc. In other words, stuff that could really screw up their lives if someone else had it. Phishing attacks are all too common; this article looks at tips to help combat this type of attack.

Intrusion Detection For PHP Applications With PHPIDS  26 June 2008 
Source: HowToForge - Posted by Bill Keys   
This tutorial explains how to set up PHPIDS on a web server with Apache2 and PHP5. PHPIDS (PHP-Intrusion Detection System) is a simple to use, well structured, fast and state-of-the-art security layer for your PHP based web application. The IDS neither strips, sanitizes nor filters any malicious input; it simply recognizes when an attacker tries to break your site and reacts in exactly the way you want it to. Based on a set of approved and heavily tested filter rules, any attack is given a numerical impact rating, which makes it easy to decide what kind of action should follow the hacking attempt. This could range from simple logging to sending out an emergency mail to the development team, displaying a warning message for the attacker or even ending the user's session. Have you ever heard of the web application called "PHPIDS"? According to the article it helps make your PHP web applications more secure; what do you think?

Pinging And Checking Port Status With Perl CGI On Linux And Unix  18 June 2008 
Source: Linux Shell Account - Posted by Bill Keys   
This script closely echoes previous scripts we put out to check on web server status and check on network server port-health insofar as the end result is concerned. It should run fairly simply, too (you'll probably just need to change the target host, target port and, possibly, the location of the ping command, and its arguments, to suit your taste - or have those all fed to the script from the command line using the @ARGV array). Knowing the status of open ports on your computer is a good basic security habit all Linux users should have. I use Nmap for all my port scanning needs, but I found this simple port scanning script to be something to learn from. Have you written any good simple scripts to help your machine's security?

A Comprehensive Guide to Nmap with Screenshots  10 June 2008 
Source: linuxhaxor - Posted by Bill Keys   
Nmap ("Network Mapper") is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Nmap runs on most types of computers and both console and graphical versions are available. This article is a quick user's guide to Nmap. I use this tool all the time; it's a good, easy-to-use tool for testing what services and ports are open.

Distributing New SSH Keys Using Rsh On Linux And Unix  09 June 2008 
Source: linuxshellaccount - Posted by Bill Keys   
Today we're going to grind through our "Lazy Sunday" post with a quick script to update SSH keys network-wide, by using rsh (the less secure of the two protocols). Once you've accomplished this (or have already accomplished this) and are happy with your network's SSH setup, I'd suggest disabling rsh altogether. Then you can move on to quickly setting up your SSH keys all over the network, focusing on maintaining the integrity of your sessions, if you have issues with that, and even setting up simple SCP routines to help keep your network easy to manage. This article looks at how you can update your SSH keys on your network with a simple script.

Web Input - Securing Data, Second Level of Defense  05 June 2008 
Source: lxer.com - Posted by Bill Keys   
My implicit presumption in this series is that break-ins are unplanned, opportunistic occurrences. Break-in attempts are triggered by encountering an input form. As I mentioned previously, do not give information away needlessly. Moreover, I strongly suggest you consider becoming passively aggressive by making your presentation of the form and its expected input somewhat unpredictable. Moreover, I advise turning your data input into a simple waste of time and effort for those not trained to use the entry way. The intent is to encourage those seeking easy break-in opportunities to turn their sights on other targets. This article looks at the problem of how web applications should validate the data they receive from the end-user. Do you validate your data from the Internet?

Quick Tips for Web Application Security  05 June 2008 
Source: Network World - Posted by Bill Keys   
A traditional firewall is commonly employed to restrict Web site access to Ports 80 and 443, used for HTTP and Secure Sockets Layer communications, respectively. However, such a device does very little to deter attacks that come over these connections. URL query string manipulations including SQL injection, modification of cookie values, tampering of form field data, malformed requests and a variety of other nasty tricks are often given free passage on allowed, legitimate traffic. Making your Web application secure is an important feature to implement. This article looks at some quick but important things you can do to improve your application security.

Strong passwords no panacea as SSH Brute-Force Attacks Rise  16 May 2008 
Source: arstechnica.com - Posted by Bill Keys   
Thanks to the end-of-term for many colleges and some K12 schools, brute-force attacks against SSH servers surged sharply this past weekend, according to the SANS Internet Storm Center. The sudden jump in SSH attacks merits a re-examination of how such servers should be properly secured. Jim Owens and Jeanna Matthews of the Department of Computer Science at Clarkson University have published a paper on the methods that such attacks frequently employ and on the best ways to defeat them. Brute-force attacks get a lot of attention in the press, but do we really need to study them? Yes; with botnets and more powerful computers, brute-force attacks become more effective. However, if users use strong passwords then the likelihood that they will be hacked by this type of attack goes down drastically.

FBI Issues Warning About Vulnerability of Wi-Fi Hotspots  13 May 2008 
Source: Red Orbit - Posted by Bill Keys   
The FBI issued an alert this week warning that wireless Internet networks, often called Wi-Fi hotspots, are more vulnerable to hackers than most users probably realize. In South Florida, Wi-Fi hotspots are at airports, fast food restaurants, bookstores, coffee shops, sports bars, school campuses, malls, supermarkets -- just about everywhere. Several cities and neighborhoods in the region plan to eventually install networks for residents, too. How secure do you think your local hotspot is? Do you trust it to do your finances or other personal tasks via a coffee shop Wi-Fi access point?

(c)Copyright 2008 Guardian Digital, Inc. All rights reserved.