Home » Security

Quick Access

User login

Who's online

There are currently 1 user and 9 guests online.

Online users

Visitors Map

Site Counter

  • Site Counter: 295836
  • Registered Users: 2676
  • Published Nodes: 331
  • Your IP: 67.195.111.223
  • Since: 2008-09-09

Link Exchange

BlogCatalog Blog DirectoryTechnology blogs
Technology Business Directory - BTS LocalTop stories
Click hereTop Blog   Hacking & Security
         SecGeeks
       Megapanzer

Live Traffic Info

Advertisements

      ExitJunction.com - Make Money From Your Exit Traffic!
      Click Here to Check WidgetBucks
      Click here to Advertise
     


     

Security Articles (12)

Hardening PHP Security from php.ini

Submitted by vismaya on 28 January, 2010 - 02:31

PHP's default configuration file, php.ini (usually found in /etc/php.ini on most Linux systems) contains a host of functionality that can be used to help secure your web applications. Unfortunately many PHP users and administrators are unfamiliar with the various options that are available with php.ini and leave the file in it's stock configuration. By utilizing a few of the security related options in the configuration file you can greatly strengthen the security posture of web applications running on your server. Read more..

Your rating: None Average: 3 (2 votes)


SHODAN The Computer Search

Submitted by vismaya on 1 December, 2009 - 09:50


SHODAN lets you find servers/ routers/ etc. by using the simple search bar.You can search by keyword, and/or using any of the advanced search options.

Check SHODAN:
  • country:2-letter country code
  • hostname:full or partial host name
  • net:IP range using CIDR notation (ex: 18.7.7.0/24 )
  • port:21, 22, 23 or 80

Lets say you want to find servers running the 'Apache' web daemon. A simple attempt would be to use:

apache

How about finding only apache servers running version 2.2.3?

apache 2.2.3Read more..

Your rating: None Average: 5 (1 vote)


The Inner Structure of a Trojan Horse

Submitted by vismaya on 14 August, 2009 - 22:05

When analyzing the code of a Trojan horse it often contains  methods  and functions that can be assigned to typical function groups and modules.  Even if the code and inner organisation seems to be chaotic and hard to understand because of  its structureless appearance you can assign a function to at least one of these groups. I want to give you the big picture, an overview about the inner structure of a Trojan horse and taking the confusion a little.



Dropper

The Trojan horse is wrapped by its dropper which is not a core component in the proper sense. But because it plays an important role in propagation and the installation of  the Trojans it is worth mentioning it.Read more..

Your rating: None Average: 5 (1 vote)


Remote/Local File Inclusion Exploition and Prevention

Submitted by vismaya on 17 April, 2009 - 13:59

Remote/Local File Inclusion Exploits


Remote and local file inclusions are just a problem on the coding end, like most exploits. Of course it takes a second person to make it happen, hehe. So this paper will hopefully give you some ideas on how to prevenet a file inclusion exploit on your website and most importantly, in your code. I will be providing the code examples in PHP format.

Let's take a look at some code that make the RFI/LFI exploits possible.



<a href=index.php?page=file1.php>Files</a>
<?php
$page = $_GET[page];
include($page);
?>

Now obviously this should never be used. The $page input isnt sanitized at all. The $page input is passed directly to the damn webpage, which is a very big no no. You should always sanitize every input passed through the browser. When the user clicks the "Files" link on the webpage to visit "files.php" it will look something like this.

http://localhost/index.php?page=files.php
Read more..
No votes yet


Signs of an Infected E-Mail

Submitted by Sajeev on 20 March, 2009 - 14:50

Harmful Email Subjects to Avoid

I. Emails from people trying to infect your system and steal your  friends' email addresses for spam

I.1. Pictures of Osama Bin Laden hanging or Arnold Schwarzenegger's
suicide note
I.2. Email that seems to come from your system administrator or
other familiar sender that says your email could not be
delivered, or some similar statement.
I.3. Email with subject "Against!" or "Revenge"
I.4. Email with subject Re_ and body with animals or foto or other
subjects


II. Emails from people trying to steal your identity (and your money)

II.1. Update Your Billing Information (from eBay)
II.2. Your account at eBay has been suspended
II.3. Your account at Wells Fargo has been suspended
II.4. Notification of US Bank Internet Banking
II.5. Attn: Citibank Update
II.6 Confirm AOL Billing Info


III. Emails from people trying to fool you into hurting yourself or  your friends and coworkers

III.1 Subject: "jdbg" Virus: how to detect and remove.

******************************
More Details About Each AttackRead more..

No votes yet


Preventing DDoS Attacks

Submitted by Sajeev on 17 March, 2009 - 17:51

In this article I am trying to explain what DDOS is and how it can be prevented. DDOS happens due to lack of security awareness of the network/server owners. On a daily basis we hear that a particular machine is under DDOS attack or NOC has unplugged the machine due to DDOS attack . So DDOS has become one of the common issues in this electronics world. DDOS is like a disease which doesn't have an anti-viral developed. So we should be carefull while dealing with it . Never take it lightly. In this article i am trying to explain the steps/measures which will help us defend from DDOS attack ,up to a certain extend .

What is a DDOS attack?
[adsense:468x60:7403224149]
   Simply said, DDOS is an advanced version of DOS attack . Like DOS , DDOS also tries to deny the important services running on a server by broadcasting packets to the destination server in a way that the Destination server cannot handle it. The speciality of the DDOS is that, it relays attacks not from a single network/host like DOS. The DDOS attack will be launched from different dynamic networks which has already been compromised.
Read more..
No votes yet

Search

Loading

Bookmark Us!

Share/Save

Page Rank

PageRank Checking Icon

Quotes

The more a man knows, the more he forgives.
View

Subscribe Us!

Explore Tags

more tags

Follow Us

Advertisements