Search Results

Search found 544 results on 22 pages for 'attacks'.

Page 12/22 | < Previous Page | 8 9 10 11 12 13 14 15 16 17 18 19  | Next Page >

  • Remove CGI from IIS7

    - by jekcom
    I ran some security scan and the scan said that all kind of CGI stuff are potential thread. This is part of the result : (ash) is present in the cgi-bin directory (bash) is present in the cgi-bin directory By exploiting this vulnerability, a malicious user may be able to execute arbitrary commands on a remote system. In some cases, the hacker may be able to gain root level access to the system, in which case the hacker might be able to cause copious damage to the system, or use the system as a jumping off point to target other systems on the network for intrusion and/or denial of service attacks. and many more related to cgi-bin directory. First I searched all the server for cgi-bin folder and it did not find any. Second I'm running my website on pure .NET and I don't use any scripts like php. Question is how can I remove this CGI thing from the IIS?

    Read the article

  • Microsoft Security Essentials 2.0 Kills Viruses Dead. Download It Now.

    - by The Geek
    Microsoft’s Security Essentials has been our favorite anti-malware application for a while—it’s free, unobtrusive, and it doesn’t slow your PC down, but now it’s even better with the new 2.0 release, which adds network filtering, heuristic protection, and more. Just to be clear and direct with you: we absolutely recommend Microsoft Security Essentials as your anti-malware / anti-virus utility over any other option—and how can you argue? It’s totally free! New Features in 2.0 Here’s all of the new features in the latest release, which make it even more of a must-download: Network Traffic Inspection integrates into the network system and monitors the traffic at a low level without slowing down your PC, so it can actually detect threats before they get to your PC.   Internet Explorer Integration blocks malicious scripts before IE even starts running them—clearly a big security advantage.  Heuristic Scanning Engine finds malware that hasn’t been previously detected by scanning for certain types of attacks. This provides even more protection than just through virus definitions.   These new features make MSE on par with other anti-malware applications, especially the heuristic scanning, which has been the only complaint that anybody could make against MSE in the past—but now it has it Latest Features How-To Geek ETC The Complete List of iPad Tips, Tricks, and Tutorials The 50 Best Registry Hacks that Make Windows Better The How-To Geek Holiday Gift Guide (Geeky Stuff We Like) LCD? LED? Plasma? The How-To Geek Guide to HDTV Technology The How-To Geek Guide to Learning Photoshop, Part 8: Filters Improve Digital Photography by Calibrating Your Monitor The Spam Police Parts 1 and 2 – Goodbye Spammers [Videos] Snow Angels Theme for Windows 7 Exploring the Jungle Ruins Wallpaper Protect Your Privacy When Browsing with Chrome and Iron Browser Free Shipping Day is Friday, December 17, 2010 – National Free Shipping Day Find an Applicable Quote for Any Programming Situation

    Read the article

  • Hardening network with sysctl settings made Wi-fi downloading speed extremely slow

    - by Rohit Bansal
    I just followed up following steps to harden network security The /etc/sysctl.conf file contain all the sysctl settings. Prevent source routing of incoming packets and log malformed IP's enter the following in a terminal window: sudo vi /etc/sysctl.conf Edit the `/etc/sysctl.conf` file and un-comment or add the following lines : # IP Spoofing protection net.ipv4.conf.all.rp_filter = 1 net.ipv4.conf.default.rp_filter = 1 # Ignore ICMP broadcast requests net.ipv4.icmp_echo_ignore_broadcasts = 1 # Disable source packet routing net.ipv4.conf.all.accept_source_route = 0 net.ipv6.conf.all.accept_source_route = 0 net.ipv4.conf.default.accept_source_route = 0 net.ipv6.conf.default.accept_source_route = 0 # Ignore send redirects net.ipv4.conf.all.send_redirects = 0 net.ipv4.conf.default.send_redirects = 0 # Block SYN attacks net.ipv4.tcp_syncookies = 1 net.ipv4.tcp_max_syn_backlog = 2048 net.ipv4.tcp_synack_retries = 2 net.ipv4.tcp_syn_retries = 5 # Log Martians net.ipv4.conf.all.log_martians = 1 net.ipv4.icmp_ignore_bogus_error_responses = 1 # Ignore ICMP redirects net.ipv4.conf.all.accept_redirects = 0 net.ipv6.conf.all.accept_redirects = 0 net.ipv4.conf.default.accept_redirects = 0 net.ipv6.conf.default.accept_redirects = 0 # Ignore Directed pings net.ipv4.icmp_echo_ignore_all = 1 To reload sysctl with the latest changes, enter: sudo sysctl -p But, after applying the changes I found "Wi-fi" downloading speed and terminal downloading speed extremely slow (less than 1KB/s) however surfing speed through browser was good. But, using direct ethernet cable was giving a good speed. Then, I reverted back the above changes and things fall back in line once again.... Could you please let me know what possibly in above script is affecting such behaviour [and why] ? How could I still maintain hardening of network security without disturbing Wi-fi downloading speed ?

    Read the article

  • DevDays ‘00 The Netherlands day #2

    - by erwin21
    Day 2 of DevDays 2010 and again 5 interesting sessions at the World Forum in The Hague. The first session of the today in the big world forum theater was from Scott Hanselman, he gives a lap around .NET 4.0. In his way of presenting he talked about all kind of new features of .NET 4.0 like MEF, threading, parallel processing, changes and additions to the CLR and DLR, WPF and all new language features of .NET 4.0. After a small break it was ready for session 2 from Scott Allen about Tips, Tricks and Optimizations of LINQ. He talked about lazy and deferred executions, the difference between IQueryable and IEnumerable and the two flavors of LINQ syntax. The lunch was again very good prepared and delicious, but after that it was time for session 3 Web Vulnerabilities and Exploits from Alex Thissen. This was no normal session but more like a workshop, we decided what kind of subjects we discussed, the subjects where OWASP, XSS and other injections, validation, encoding. He gave some handy tips and tricks how to prevent such attacks. Session 4 was about the new features of C# 4.0 from Alex van Beek. He talked about Optional- en Named Parameters, Generic Co- en Contra Variance, Dynamic keyword and COM Interop features. He showed how to use them but also when not to use them. The last session of today and also the last session of DevDays 2010 was about WCF Best Practices from Gerben van Loon. He talked about 7 best practices that you must know when you are going to use WCF. With some quick demos he showed the problem and the solution for some common issues. It where two interesting days and next year i sure will be attending again.

    Read the article

  • How do I deny all requests not from cloudflare?

    - by phillips1012
    I've recently gotten denial of service attacks from multiple proxy ips, so I installed cloudflare to prevent this. Then I started noticing that they're bypassing cloudflare by connecting directly to the server's ip address and forging the host header. What is the most performant way to return 403 on connections that aren't from the 18 ip addresses used by cloudflare? I tried denying all then explicitly allowing the cloudflare ips but this doesn't work since I've set it up so that CF-Connecting-IP sets the ip allow tests for. I'm using nginx 1.6.0.

    Read the article

  • What response should be made to a continued web-app crack attempt?

    - by Tchalvak
    I've issues with a continuous, concerted cracking attempt on a website (coded in php). The main problem is sql-injection attempts, running on a Debian server. A secondary effect of the problem is being spidered or repeatedly spammed with urls that, though a security hole has been closed, are still obviously related attempts to crack the site, and continue to add load to the site, and thus should be blocked. So what measures can I take to: A: Block known intruders/known attack machines (notably making themselves anonymous via botnet or relaying servers) to prevent their repeated, continuous, timed access from affecting the load of the site, and B: report & respond to the attack (I'm aware that the reporting to law enforcement is almost certainly futile, as may be reporting to the ip/machine where the attacks are originating, but other responses to take would be welcome).

    Read the article

  • Remembering September 11 - 11 Years Later

    - by user12613380
    It's September 11 again and time to reminisce about that fateful day when the world came together as one. The attacks of that day touched everyone around the world as almost 3000 people from the United States and 38 other countries were killed. This year, I am finding it difficult to say anything other than what I have said in previous years. So, I will not try to "wax loquacious." Instead, I will simply say that I will never forgot. I will not forget where I was on that day. I will not forgot the people who died. I will not forget the people who gave their lives so that others might live. And I will not forget how our world changed on that day. And with that remembrance, we again return to our lives, using tragedy to drive us to build a world of peace and opportunity. My thanks go out again to the men and women, uniformed or not, who continue to protect us from harm. May we never again experience such human tragedy, on U.S. soil or elsewhere.

    Read the article

  • I'm scared for my technical phone interview for an internship!

    - by Marie
    [EDIT 2.0 ]Hello everyone. This is my second phone interview for a development internship. My very first one was okay, but I didn't get my dream internship. Now, I'm facing fears about this upcoming interview. My fears include the following: I'm 19 years old. The thought of 2 lead developers interviewing me makes me think that I'll know so little of what they'd want me to know. Like they will expect so much. I'm a junior having these panic attacks that I did not get in the other internship. I have a little voice saying "You didn't get the other one. What makes you think you'll get this one?". I'm scared that I'll freeze up, forget everything I know, and stutter like an idiot. I'm still traumatized by the last one, because I really really wanted that internship, and I even studied very hard for it. When I was in the interview, I was so nervous I couldn't think clearly. As a result, I didn't do as well as I know I could have. The minute I hung up, I even thought of a better solution to the interview question! Any tips for a soon-to-be intern (hopefully!)? Thank you! P.S. I'm preparing by using this guide for phone interviews.

    Read the article

  • What is the most time-effective way to monitor & manage threats from bots and/or humans?

    - by CheeseConQueso
    I'm usually overwhelmed by the amount of tools that hosting companies provide to track & quantify traffic data and statistics. I'm equally overwhelmed by the countless flavors of malicious 'attacks' that target any and every web site known to man. The security methods used to protect both the back and front end of a website are documented well and are straight-forward in terms of ease of implementation and application, but the army of autonomous bots knows no boundaries and will always find a niche of a website to infest. So what can be done to handle the inevitable swarm of bots that pound your domain with brute force? Whenever I look at error logs for my domains, there are always thousands of entries that look like bots trying to sneak sql code into the database by tricking the variables in the url into giving them schema information or private data within the database. My barbaric and time-consuming plan of defense is just to monitor visitor statistics for those obvious patterns of abuse and either ban the ips or range of ips accordingly. Aside from that, I don't know much else I could do to prevent all of the ping pong going on all day. Are there any good tools that automatically monitor this background activity (specifically activity that throws errors on the web & db server) and proactively deal with these source(s) of mayhem?

    Read the article

  • Tomcat repeated 401 and the client nonce cache

    - by PaulNBN
    I've got a Tomcat 6.0.35 service with a SOAP based webapp protected by Digest Authentication. We are seeing issues with various users getting repeated 401 responses since we upgraded to 6.0.35. Additionally we are getting the following entries in Catalina log: WARNING: A valid entry has been removed from client nonce cache to make room for new entries. A replay attack is now possible. To prevent the possibility of replay attacks, reduce nonceValidity or increase cnonceCacheSize. Further warnings of this type will be suppressed for 5 minutes. Any idea what is going on?

    Read the article

  • Get the MakeUseOf eBook Guide to Hacker Proofing Your PC

    - by ETC
    If you’re interested in checking out a solid overview of PC security best practices and tips, our friends over at MakeUseOf.com have released another free book in their computer-oriented eBook series. The fifty-page ebook HackerProof: Your Guide to PC Security covers a variety of topics including types of malware, operating systems and their inherent vulnerabilities, security best practices, tools for protecting your PC, the importance of security prep and backups, and recovering from malware attacks. It’s a nice and compact text, perfect for brushing up on security best practices for your own machine or sending to friends and relatives that could use a little after-school tutoring on keeping their computer secure and out of trouble. The best tip from the book? The overall message to be cautious and be preemptive in your security efforts is a great meta-tip to take away. Up-to-date definition files and a healthy sense of random links and emails attachments goes a long, long way towards staying safe. HackerProof: Your Guide to PC Security [Direct Link via MakeUseOf] Latest Features How-To Geek ETC How to Get Amazing Color from Photos in Photoshop, GIMP, and Paint.NET Learn To Adjust Contrast Like a Pro in Photoshop, GIMP, and Paint.NET Have You Ever Wondered How Your Operating System Got Its Name? Should You Delete Windows 7 Service Pack Backup Files to Save Space? What Can Super Mario Teach Us About Graphics Technology? Windows 7 Service Pack 1 is Released: But Should You Install It? Get the MakeUseOf eBook Guide to Hacker Proofing Your PC Sync Your Windows Computer with Your Ubuntu One Account [Desktop Client] Awesome 10 Meter Curved Touchscreen at the University of Groningen [Video] TV Antenna Helper Makes HDTV Antenna Calibration a Snap Turn a Green Laser into a Microscope Projector [Science] The Open Road Awaits [Wallpaper]

    Read the article

  • public key infrastructure - distribute bad root certificates

    - by iamrohitbanga
    Suppose a hacker launches a new Linux distro with firefox provided with it. Now a browser contains the certificates of the root certification authorities of PKI. Because firefox is a free browser anyone can package it with fake root certificates. Can this be used to authenticate some websites. How? Many existing linux distros are mirrored by people. They can easily package software containing certificates that can lead to such attacks. Is the above possible? Has such an attack taken place before?

    Read the article

  • DNS records on website.. What are they for?

    - by Blake Nic
    Recently we had to get some ddos protection for our website because of the large attacks we were seeing after getting a bit of popularity. We handed over our domain and hosting information to our ddos protection provider. It worked perfectly but I have a question. On our DNS records we have the Host and Answer and Type. The Host has our domain name there. The answer is this: SOMETEXTXXXX.dv.googlehosted.com. And when i copy and paste it into my browser it gives me a 404 error. But our website still loads and functions as it should. I don't understand why it would need this? I asked them about this and they said it is a method for ddos protection and the other IPs are the reverse proxy (the other ips give a 404 error too). Can anyone expand on this more please. How does all this tie in together and make the internet browser know where to point the person with all these reverse proxies and stuff I don't understand. Thank you. Here is an image for reference: http://i.stack.imgur.com/qo5QO.png

    Read the article

  • Demonstrate bad code to client?

    - by jtiger
    I have a new client that has asked me to do a redesign of their website, an ASP.NET Webforms application that was developed by another consultant. It seemed straight-forward (it never is) but I took a look at the code to make sure I knew what I was in for. This application was not written well. At all. It is extremely vulnerable to SQL Injection attacks, business logic is spread throughout the entire application, a lot of duplication, and dead end code that does nothing. On top of that, it keeps throwing exceptions that are being smothered, so it all appears to be running smoothly. My job is to simply update the html and css, but much of the html is being generated in business logic and would be a nightmare for me to sort everything out. My estimates on the redesign were longer than the client was aiming for, and they are asking why so long. How can I explain to my client just how bad this code is? In their mind, the application is running great and the redesign should be a quick one-off. It's my word against the previous consultant, so how can I actually give simple, concrete examples that a non-technical client would understand?

    Read the article

  • A good tool for browser automation/client-side Web scripting

    - by hardmath
    I'm interested in adopting a tool/scripting language to automate some daily tasks connected with fighting forum spammers. A brief overview of these tasks: analyze new registrations and posts on a phpBB forum, and delete or deactivate spammers using a website/community that collects such spam reports. Typically such automation is integrated into the phpBB installation itself, which certainly has its advantages. My approach has the advantage of independent operation, etc. One way to think about this is in terms of browser automation. I've used iOpus iMacros for Firefox (the free version) in the past to respond to individual spammers, but current attacks are highly distributed. My "logic" for pigeonholing spammers vs. nonspammers seems beyond the easy reach of the free version of iMacros. From a more technical perspective one can think about dispensing with the browser altogether and programming GET/POST requests directed to my forum and other Web-based resources. I'm familiar with some scripting languages like Ruby and Lua, but I could be persuaded that a compiled application is better suited for these tasks. However in my experience the dynamic flexibility of interpreted environments is very useful in prototyping and debugging the application logic. So I'm leaning in the direction of scripting languages. Among browsers I favor Firefox and Chrome. I use both Windows and Linux platforms, and if the tool can adapt to an Android platform, it would make a neat demonstration of skills, yes? Thanks in advance for your suggestions!

    Read the article

  • PCI scan findings and problems with week ciphers on ports 993,443,995,465

    - by user64991
    From PCI scan results: Synops is : The remote service encrypts traffic using a protocol with known weaknesses . Description : The remote service accepts connections encrypted using SSL 2.0, which reportedly suffers from several cryptographic flaws and has been deprecated for several years. An attacker may be able to exploit these issues to conduct man-in-the-middle attacks or decrypt communications between the affected service and clients . See also : http://www.schneier.com/paper-ssl.pdf Solution: Consult the application's documentation to disable SSL 2.0 and use SSL 3.0 or TLS 1.0 instead. Risk Factor: Medium / CVSS Base Score : 2 (AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N) I have tried to change SSLProtocol all -SSLv2 to SSLProtocol -ALL +SSLv3 +TLSv1 And SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW To SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:!MEDIUM:!LOW:!SSLv2:!EXPORT But using SSLdigger, it shows the same result. Is this the right way to do something like this?

    Read the article

  • Seeing a pre-logon app's GUI after logon (or ever)

    - by JimB
    I'm looking for either a method to achieve this, or a clear reason why it's not possible. I use Scheduled Tasks to start an app with a GUI at system startup. I want to see that GUI's screen after logon without restarting it. I'm willing to type a password and/or re-logon and/or or use whatever app or tool to help, including changing the way I run the GUI app. It just can't wait for a user logon to start. How do I do it? Or if it's absolutely impossible, why? I've read about "Shatter attacks" but that doesn't seem to cover this. I'm most interested in XP and Windows7. If multiple solutions exist, of course I'd prefer the most convenient, flexible and/or open source.

    Read the article

  • Can a malicious hacker share Linux distributions which trust bad root certificates?

    - by iamrohitbanga
    Suppose a hacker launches a new Linux distro with firefox provided with it. Now a browser contains the certificates of the root certification authorities of PKI. Because firefox is a free browser anyone can package it with fake root certificates. Thus a fake root certificate would contain a the certification authority that is not actually certified. Can this be used to authenticate some websites. How? Many existing linux distros are mirrored by people. They can easily package software containing certificates that can lead to such attacks. Is the above possible? Has such an attack taken place before?

    Read the article

  • OpenBSD in a virtual box as a firewall

    - by Ali
    Is there any merit in installing a virtual machine with OpenBSD and pf (or any other simple and secure OS + iptable) on a mac laptop and routing all the traffic through that machine? I read a similar set up for corporate laptops running windows (I thing I read this in BSD magazine). They claim that Windows machines are too hard to secure and if you are taking them to the wild (public wireless, hotels, ...) you'd better but a secure OS in between! If you think this is a good idea, how you route all the traffic on a mac through the virtual machine and prevent any application or service to go directly? I am not sure if just setting the gateway will do that, what about DNS? you don't want anybody to fool you with DNS cache poisoning or similar attacks either.

    Read the article

  • Why is "googlehosted.com" in the DNS records for our website after signing up for DDOS protection?

    - by Blake Nic
    Recently we had to get some DDOS protection for our website because of the large attacks we were seeing after getting a bit of popularity. We handed over our domain and hosting information to our DDOS protection provider. It worked perfectly but I have a question. On our DNS records we have the Host and Answer and Type. The host has our domain name there. The answer is this: SOMETEXTXXXX.dv.googlehosted.com. And when I copy and paste it into my browser it gives me a 404 error. But our website still loads and functions as it should. I don't understand why it would need this? I asked them about this and they said it is a method for DDOS protection and the other IPs are the reverse proxy (the other IPs give a 404 error too). Can anyone expand on this more please. How does all this tie in together and make the internet browser know where to point the person with all these reverse proxies and stuff I don't understand. Here is an image for reference:

    Read the article

  • Perform action based on load avg

    - by sfx
    I'm running some web applications on an debian server and have to struggle with ddos attacks sometimes. It's eating up all my resources and I can't ssh anymore into the server. An idea was to drop all connections if the load avg is too high, so there are still resources for me and accept new connections if the load avg is low enough. Since this has to work under heavy load I'm afraid a cronjob wouldn't be fast enough or take too much resources. tl;dr: Is there a way to configure the behavior if the load avg is above a specific threshold?

    Read the article

  • SPF include: too many IP addresses

    - by sprezzatura
    I've hit a snag with SPF. The SPF record for my domain will contain four or five entries, plus it will contain: include:sgizmo.com The SPF record for sgizmo.com contains eleven entries! This, plus mine, is way over the maximum ten allowed by the RFC (and probably by most servers). I realize that there has to be a limit in order to prevent DoS attacks. However, in the real world, it is probably not unreasonable for large companies to have many server addresses. Furthermore, must I know monitor my 'include:' counterparts for changes and additions? Must I check weekly, daily, to insure that some combination of changes doesn't suddenly put me over the top? It doesn't seem to me that SPF is suitable for prime time. Is there another way to do this?

    Read the article

  • Oracle Traffic Director – download and check out new cool features in 11.1.1.7.0 by Frances Zhao

    - by JuergenKress
    As Oracle's strategic layer-7 software load balancer product, Oracle Traffic Direct is fast, reliable, secure, easy-to-use and scalable; that you can deploy as the reliable entry point for all TCP, HTTP and HTTPS traffic to application servers and web servers in your network. The latest release Oracle Traffic Director 11.1.1.7.0 is available for ExaLogic and Database Appliance! For download and details please visit the Traffic Director OTN website. It this release, we have introduced some major new functionality and improvements. Web application firewall. Oracle Traffic Director supports web application firewalls. A web application firewall (WAF) is a filter or server plugin that applies a set of rules, called rule sets, to an HTTP request. Using a web application firewall, users can inspect traffic and deny requests to protect back-end applications from CSRF vulnerabilities and common attacks such as cross-site scripting. WebSocket Connections. Oracle Traffic Director handles WebSocket connections by default. WebSocket connections are long-lived and allow support for live content, games in real-time, video chatting, and so on. Support for LDAP/T3 Load Balancing. Oracle Traffic Director now supports basic LDAP/T3 load balancing at layer 7, where requests are handled as generic TCP connections for traffic tunneling. It works in full-NAT mode. Please download and try it out. For more information, check out the data sheet and the documentation. For regular information become a member in the WebLogic Partner Community please visit: http://www.oracle.com/partners/goto/wls-emea ( OPN account required). If you need support with your account please contact the Oracle Partner Business Center. Blog Twitter LinkedIn Mix Forum Wiki Technorati Tags: traffic director,WebLogic Community,Oracle,OPN,Jürgen Kress

    Read the article

  • Game Server Colocation

    - by Linuz
    Hello, I am new to colocation. I am looking for a good place to host my server that would have around 5-10 Source Servers (Team Fortress 2). I am looking at maybe around 90 players at a time for now, players coming from all over the United States Could I get more info on what I am suppose to look for exactly? Would it be correct for me to get a 100Mb/s line and does 100Mb/s line in the following example actually be 100Mb/s upload bandwidth? Example: package 4 of FDC's services: http://www.fdcservers.net/server_colocation.php also I want to get something unmettered. I do not want to have to ever worry about going over some bandwidth limit or any DDOS attacks killing me. And if anyone has any other recommendations as to what network configurations I should get or any other good colocation providers that are cheap in price, I would REALLY appreciate the help. Thanks

    Read the article

  • Securing RDP access to Windows Server 2008 R2: is Network Level Authentication enough?

    - by jamesfm
    I am a dev with little admin expertise, administering a single dedicated web server remotely. A recent independent security audit of our site recommended that "RDP is not exposed to the Internet and that a robust management solution such as a VPN is considered for remote access. When used, RDP should be configured for Server Authentication to ensure that clients cannot be subjected to man-in-the-middle attacks." Having read around a bit, it seems like Network Level Authentication is a Good Thing so I have enabled the "Allow connections only from Remote Desktop with NLA" option on the server today. Is this acion enough to mitigate the risk of a Man-in-the-Middle attack? Or are there other essential steps I should be taking? If VPN is essential, how do I go about it?

    Read the article

< Previous Page | 8 9 10 11 12 13 14 15 16 17 18 19  | Next Page >