Search Results

Search found 350 results on 14 pages for 'intrusion prevention'.

Page 1/14 | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >

  • Spam prevention through IP tracking

    - by whamsicore
    I am building a website with user generated comments. In order to implement user moderation/spam-protection, users have the ability to mark comments as spam. When one comment is marked as spam, I want all comments from the same IP address to be deleted. I am not familiar with spam prevention in general, other than Captcha. Question: is this a feasible/good system for spam prevention? are there better ways, or improvements I can make? Thanks.

    Read the article

  • Single file changed: intrusion or corruption?

    - by Michaël Witrant
    rkhunter reported a single file change on a virtual server (netstat binary). It didn't report any other warning. The change was not the result of a package upgrade (I reinstalled it and the checksum is back as it was before). I'm wondering whether this is a file corruption or an intrusion. I guess an intrusion would have changed many other files watched by rkhunter (or none if the intruder had access to rkhunter's database). I disassembled both binaries with objdump -d and stored the diff here: https://gist.github.com/3972886 The full dump diff generated with objdump -s is here : https://gist.github.com/3972937 I guess a file corruption would have changed either large blocks or single bits, not small blocks like this. Do these changes look suspicious? How could I investigate more? The system is running Debian Squeeze.

    Read the article

  • Comparison of Firewall, Intrusion Prevention, Detection and Antivirus Technologies in Organizational

    - by Berkay
    in these days i'm reading about intrusion prevention/detection systems.When reading i really confused in some points. First, the firewall and antivirus technologies are known terms for years, however now IDS becomes popular. My question includes: in organizational network architectures when/where do we use these systems ? What are the benefits of using each ? Does Firewall contains all these others? If you give me some examples, it will help much. Thanks.

    Read the article

  • Exchange 2010 email spoofing prevention

    - by holian
    Masters, Unfortunately we got some spam mail which seems to be coming from our own domain. I found some article which all says to remove Anonymous login from internet receive connector (http://exchangepedia.com/2008/09/how-to-prevent-annoying-spam-from-your-own-domain.html) I think i something misunderstood about those articles, because if i remove the Anonymous connection e-mails did not receive from external address (like gmail - Diagnostic-Code: SMTP; 530 5.7.1 Client was not authenticated) Some pictures about our configuration:

    Read the article

  • 5 Free Intrusion Detection Softwares (IDS)

    Tools and Utilities to Monitor Your Network For Suspicious or Malicious Activity Snort for Windows Snort is an open source network intrusion detection system, capable of performing real-time traffi... [Author: Alam Je - Computers and Internet - March 24, 2010]

    Read the article

  • Database Security: The First Step in Pre-Emptive Data Leak Prevention

    - by roxana.bradescu
    With WikiLeaks raising awareness around information leaks and the harm they can cause, many organization are taking stock of their own information leak protection (ILP) strategies in 2011. A report by IDC on data leak prevention stated: Increasing database security is one of the most efficient and cost-effective measures an organization can take to prevent data leaks. By utilizing the data protection, access control, account management, encryption, log management, and other security controls inherent in the database management system, entities can institute first-level control over the widest range of protected information. As a central repository for unstructured data, which is growing at leaps and bounds, the database should be the first layer providing information leakage protection. Unfortunately, most organizations are not taking sufficient steps to protect their databases according to a survey of the Independent Oracle User Group. For example, any operating system administrator or database administrator can access the all the data stored in the database in most organizations. Without any kind of auditing or monitoring. And it's not just administrators, database users can typically access the database with ad-hoc query tools from their desktop and by-pass any application level controls. Despite numerous regulations calling for controls to limit the powers of insiders, most organizations still put too many privileges in the hands of their employees. Time and time again these excess privileges have backfired. Internal agents were implicated in almost half of data breaches according to the Verizon Data Breach Investigations Report and the rate is rising. Hackers also took advantage of these excess privileges very successfully using stolen credentials and SQL injection attacks. But back to the insiders. Who are these insiders and why do they do it? In 2002, the U.S. Secret Service (USSS) behavioral psychologists and CERT information security experts formed the Insider Threat Study team to examine insider threat cases that occurred in US critical infrastructure sectors, and examined them from both a technical and a behavioral perspective. A series of fascinating reports has been published as a result of this work. You can learn more by watching the ISSA Insider Threat Web Conference. So as your organization starts to look at data leak prevention over the coming year, start off by protecting your data at the source - your databases. IDC went on to say: Any enterprise looking to improve its competitiveness, regulatory compliance, and overall data security should consider Oracle's offerings, not only because of their database management capabilities but also because they provide tools that are the first layer of information leak prevention. Learn more about Oracle Database Security solutions and get the whitepapers, demos, tutorials, and more that you need to protect data privacy from internal and external threats.

    Read the article

  • CSRF (Cross-site request forgery) attack example and prevention in PHP

    - by Saif Bechan
    I have an website where people can place a vote like this: http://mysite.com/vote/25 This will place a vote on item 25. I want to only make this available for registered users, and only if they want to do this. Now I know when someone is busy on the website, and someone gives them a link like this: http://mysite.com/vote/30 then the vote will be places for him on the item without him wanting to do this. I have read the explanation on the OWASP website, but i don't really understand it Is this an example of CSFR, and how can I prevent this. The best thing i can think off is adding something to the link like a hash. But this will be quite irritating to put something on the end of all the links. Is there no other way of doing this. Another thing can someone maybe give me some other example of this, because the website seems fairly fugue to me.

    Read the article

  • Possible Data Execution Prevention problem in Windows 7

    - by Joel in Gö
    I have a serious problem with my .Net program. It calls a native dll, and then crashes instantly because it can't find a native method. This is behaviour we have seen before, whereby the C# compiler, in its infinite wisdom, sets the flag that the program is DEP compatible, even if it calls a native dll which patently is not. We have the standard workaround for this, where the flag is set to Not DEP Compatible in a post-build step, and this works fine. Everywhere except on my machine. I have Windows 7 32bit, and the program works fine on the Win 7 64bit machines that we have, as well as on Vista and XP; we have not yet been able to check on another Win7 32bit. However, on my machine the DataExecutionPolicy_SupportPolicy is 0, i.e. we have successfully switched DEP off. The dll in question also works fine when called from a native program. We are running out of ideas... any help would be much appreciated!

    Read the article

  • Possible Data Execution Prevention (DEP) problem in Windows 7

    - by Joel in Gö
    I have a serious problem with my .Net program. It calls a native dll, and then crashes instantly because it can't find a native method. This is behaviour we have seen before, whereby the C# compiler, in its infinite wisdom, sets the flag that the program is DEP compatible, even if it calls a native dll which patently is not. We have the standard workaround for this, where the flag is set to Not DEP Compatible in a post-build step, and this works fine. Everywhere except on my machine. I have Windows 7 32bit, and the program works fine on the Win 7 64bit machines that we have, as well as on Vista and XP; we have not yet been able to check on another Win7 32bit. However, on my machine the DataExecutionPolicy_SupportPolicy is 0, i.e. we have successfully switched DEP off. Does anyone know whether there is some situation in which it can still act? Or any other mechanism which could have the same effect? The dll in question also works fine when called from a native program. We are running out of ideas... any help would be much appreciated!

    Read the article

  • [Livre]:Chaînes d'exploits: Scénarios de hacking avancé et prévention, de A.Whitaker, K.Evans, J.Vot

    Bonjour La rédaction de DVP a lu pour vous l'ouvrage suivant: Chaînes d'exploits: Scénarios de hacking avancé et prévention de Andrew Whitaker, Keatron Evans, Jack Voth paru aux Editions PEARSON [IMG]http://images-eu.amazon.com/images/P/274402371X.08.LZZZZZZZ.jpg[/IMG] Citation: Un pirate informatique s'appuie rarement sur une unique attaque, mais utilise plutôt des chaînes d'exploits, qui impliquent plusie...

    Read the article

  • SQL Injection prevention

    - by simonsabin
    Just asking people not to use a list of certain words is not prevention from SQL Injection https://homebank.sactocu.org/UA2004/faq-mfa.htm#pp6 To protect yourself from SQL Injection you have to do 1 simple thing. Do not build your SQL statements by concatenating values passed by the user into a string an executing them. If your query has to be dynamic then make sure any values passed by a user are passed as parameters and use sp_executesql in TSQL or a SqlCommand object in ADO.Net...(read more)

    Read the article

  • Helix, mener une analyse forensique suite à une intrusion , par Pierre Therrode

    Avec l'ère de l'internet, nous sommes tous conscients d'être des cibles potentielles pour les pirates. En effet, la criminalité sur le Net est de plus en plus présente. Dans cette nouvelle perspectives de technologies, les intrusions dans un système touchant aussi bien les simples utilisateurs que les entreprises. Toutefois, il est possible que de tels agissements puissent être sauvegardés afin de les analyser comme éléments de preuve.

    Read the article

  • Apache (XAMPP 1.8.0) access.log/Intrusion Detection Concern

    - by Andy Holaday
    [I originally posted on SO but it earned me a Tumbleweed badge. This looks like a better venue for the question.] I have Apache (XAMPP 1.8.0) running on Vista Pro x64. A couple times now I have seen a pattern like the example below in access.log. Concerning is the "attack" seems to somehow shift from a public IP to a valid private IP on my network (happens to be the WAN address of one of my routers). Two questions: How is this possible, and what happens if the "attacker" stumbles on a valid request? I've googled this to no avail. 177.0.X.X - - [03/Jun/2012:08:19:34 -0400] "GET /phpMyAdmin-2.5.4/index.php HTTP/1.1" 403 177.0.X.X - - [03/Jun/2012:08:19:34 -0400] "GET /phpMyAdmin-2.5.5-rc1/index.php HTTP/1.1" 403 177.0.X.X - - [03/Jun/2012:08:19:34 -0400] "GET /phpMyAdmin-2.2.6/index.php HTTP/1.1" 403 177.0.X.X - - [03/Jun/2012:08:19:34 -0400] "GET /phpMyAdmin-2.5.5-rc2/index.php HTTP/1.1" 403 192.168.15.3 - - [03/Jun/2012:08:19:56 -0400] "GET /phpMyAdmin-2.5.6-rc2/index.php HTTP/1.1" 403 177.0.X.X - - [03/Jun/2012:08:19:56 -0400] "GET /phpMyAdmin-2.5.6-rc1/index.php HTTP/1.1" 403 177.0.X.X - - [03/Jun/2012:08:19:56 -0400] "GET /phpMyAdmin-2.5.5-pl1/index.php HTTP/1.1" 403 192.168.15.3 - - [03/Jun/2012:08:19:59 -0400] "GET /phpMyAdmin-2.5.7/index.php HTTP/1.1" 403 192.168.15.3 - - [03/Jun/2012:08:20:01 -0400] "GET /phpMyAdmin-2.5.7-pl1/index.php HTTP/1.1" 403 192.168.15.3 - - [03/Jun/2012:08:20:02 -0400] "GET HTTP/1.1" 400 1060 "-" "-"

    Read the article

  • Data Execution Prevention in Windows Live Messenger

    - by Andrija
    I keep getting "Data Execution Prevention" error in Windows Live Messenger. I have noticed that this is happening usually when I leave computer to get coffee, and screensaver comes up, WLM breaks. Is there any way to prevent this error from happening? I see I can turn off this "Data Execution Prevention", but is that safe, since I know that WLM is under heavy attacks from spammers/hackers? Thanks

    Read the article

  • DNS hijack - prevention tips

    - by user578359
    Hi there, Over the weekend it looks like the DNS was hijacked on two of my domains. My set up is I have the sites registered on 1and1.co.uk, with dns nameservers pointing to Hostgator in the US where the sites are hosted. I also had cloudflare CDN running on the sites (via hostgator cpanel). My question is any ideas as to how this happened, and how I could either monitor it so I know if it occurs again, or strengthen the set up/service to minimise the risk. History: I received a ping from my site monitoring service that the sites were down. When I checked the sites were up so I assumed it was local to the monitoring service I received a ping last night the sites were up When I checked, one site was redirecting to download-manual.com (and checking that URL now, the home page is not the same as the one I saw, so they too may have been hijacked/hacked) The other site URL remained the same but had one of those standard site search pages which bounce you off to either phishing or paid for search sites I notified Hostgator who told me Cloudflare or 1and1 were the issue. I removed cloudflare, and contacted both them and hostgator, and am awaiting a response, but am not holding my breath. Is this common? I've never heard of this or come across this before. It's pretty scary that this can happen so easily. Appreciate any input. **Update: I've now spoken to support at 1and1, Hostgator, and Cloudflare, and each one claims it has nothing to do with them, and must be one of the others. Larry, curly, moe.

    Read the article

  • Sql Injection Prevention

    To protect your application from SQL injection, perform the following steps: * Step 1. Constrain input. * Step 2. Use parameters with stored procedures. * Step 3. Use parameters with dynamic SQL.

    Read the article

  • How to drop packets in a custom Intrusion Detection System

    - by tzoukos
    Hi there, I'm trying to build a custom Intrusion Detection and Prevention System (IDS/IPS). I found a great utility named ROPE which can scan the packet payload and drop the packet that doesn't follow the rules, set by a script. This serves my purpose completely, since what I want to do is check the payload for some specific text and then drop it or allow it ( the string feature in iptables wouldn't do me any good, because I want to check more than one string in tha payload, like usernames, id's, etc ). However, ROPE is really old and despite my many attempts I haven't managed to install it properly. Do you know any similar program that will help me drop packets in iptables depending on the payload? Any suggestion is greatly appreciated :)

    Read the article

1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >