Search Results

Search found 835 results on 34 pages for 'attack'.

  • Releasing an app - Developed on one account, releasing/approving on another

    - by stumac85
    Hi there, We have developed an application for a company who want to release it under their own account. It has been developed on our account and has had provisioning profiles attached to it from our own account. What is the best way to do this? Do I have to send them the xCode project and talk them through how to attack a provisioning profile to the project? Or can I just get their login details and create a provisioning profile from the Mac in the office and do it for them? Or is there a "transfer to different account" option? Many thanks!

  • safely encode and pass a string from a html link to PHP program

    - by bert
    What series of steps would be required to safely encode and pass a string from a html href using javascript to construct the link to a php program. in javascript set up URL // encodes a URI component. path = "mypgm.php?from=" + encodeURIComponent(myvar) ; in php: // get passed variables $myvar = isset($_GET['myvar']) ? ($_GET['myvar']) : ''; // decode - (make the string readable) $myvar = (rawurldecode($myvar)); // converts characters to HTML entities (reduce risk of attack) $myvar = htmlentities($myvar); // maybe custom sanitize program as well? // see [http://stackoverflow.com/questions/2668854/php-sanitizing-strings-to-make-them-url-and-filename-safe][1] $myvar = sanitize($myvar);

  • What's the best way to detect web application attacks?

    - by paulgreg
    What is the best way to survey and detect bad user behavior or attacks like denial of service or exploits on my web app? I know server statistics (like Awstats) are very useful for that kind of purpose, especially to see 3XX, 4XX and 5XX errors (here's an Awstats example page), which are often bots or ill-intentioned users trying well-known bad or malformed URLs. Are there other (and better) ways to analyze and detect that kind of attack attempt? Note: I'm speaking about URL-based attacks, not attacks on server components (like the database or TCP/IP).

  • How to add monsters to a Pokemon game?

    - by Michael J. Hardy
    My friends and I are starting a game like Pokemon and we wanted to know how will we add monsters to the game? We're using VisualBasic because my friend's brother said it would be easier. So far we can put pictures of the monsters on the screen and you can click to attack and stuff. Right now when we want to add a monster we have to make a new window. This will take us a long time to make all the windows for each type of monster. Is there a tool or something to make this go faster? How do game companies do this?

  • Detect aborted connection during ASIO request

    - by Tim Sylvester
    Is there an established way to determine whether the other end of a TCP connection is closed in the asio framework without sending any data? Using Boost.asio for a server process, if the client times out or otherwise disconnects before the server has responded to a request, the server doesn't find this out until it has finished the request and generated a response to send, when the send immediately generates a connection-aborted error. For some long-running requests, this can lead to clients canceling and retrying over and over, piling up many instances of the same request running in parallel, making them take even longer and "snowballing" into an avalanche that makes the server unusable. Essentially hitting F5 over and over is a denial-of-service attack. Unfortunately I can't start sending a response until the request is complete, so "streaming" the result out is not an option, I need to be able to check at key points during the request processing and stop that processing if the client has given up.

  • Can EC2 instances be set up to come from different IP ranges?

    - by Joshua Frank
    I need to run a web crawler and I want to do it from EC2 because I want the HTTP requests to come from different IP ranges so I don't get blocked. So I thought distributing this on EC2 instances might help, but I can't find any information about what the outbound IP range will be. I don't want to go to the trouble of figuring out the extra complexity of EC2 and distributed data, only to find that all the instances use the same address block and I get blocked by the server anyway. NOTE: This isn't for a DoS attack or anything. I'm trying to harvest data for a legitimate business purpose, I'm respecting robots.txt, and I'm only making one request per second, but the host is still shutting me down. Edit: Commenter Paul Dixon suggests that the act of blocking even my modest crawl indicates that the host doesn't want me to crawl them and therefore that I shouldn't do it (even assuming I can work around the blocking). Do people agree with this?

  • Historical security flaws of popular PHP CMS's?

    - by VirtuosiMedia
    I'm creating a PHP CMS, one that I hope will be used by the public. Security is a major concern and I'd like to learn from some of the popular PHP CMS's like WordPress, Joomla, Drupal, etc. What are some security flaws or vulnerabilities that they have had in the past that I can avoid in my application and what strategies can I use to avoid them? What are other issues that I need to be concerned with that they perhaps didn't face as a vulnerability because they handled it correctly from the start? What additional security features or measures would you include? Please be as specific as possible. I'm generally aware of most of the usual attack vectors, but I want to make sure that all the bases are covered, so don't be afraid to mention the obvious as well. Assume PHP 5.2+.

  • How should I protect against hard link attacks?

    - by Thomas
    I want to append data to a file in /tmp. If the file doesn't exist I want to create it. I don't care if someone else owns the file. The data is not secret. I do not want someone to be able to race-condition this into writing somewhere else, or to another file. What is the best way to do this? Here's my thought: fd = open("/tmp/some-benchmark-data.txt", O_APPEND | O_CREAT | O_NOFOLLOW | O_WRONLY, 0644); fstat(fd, &st); if (st.st_nlink != 1) { HARD LINK ATTACK! } What's the right way? Besides not using a world-writable directory.

  • Why does IE prompt a security warning when viewing an XML file?

    - by Tav
    Opening an XML file in Internet Explorer gives a security warning. IE has a nice collapsible tree view for viewing XML, but it's disabled by default and you get this scary error message about a potential security hole. http://www.leonmeijer.nl/archive/2008/04/27/106.aspx But why? How can simply viewing an XML file (not running any embedded macros in it or anything) possibly be a security hole? Sure, I get that running XSLT could potentially do some bad stuff, but we're not talking about executing anything. We're talking about viewing. Why can't IE simply display the XML file as text (plus with the collapsible tree viewer)? So why did they label this as a security hole? Can someone describe how simply viewing an XML document could be used as an attack document?

  • CSRF token and Session replication with Tomcat and Apache

    - by technocool
    I have a J2EE compliant web application. I use a session based token to append a secondary id to all incoming links generated by my application. To protect my application against CSRF attacks, I validate the secondary id before I allow the user session to work off the subsequent page. Recently, while working with the session replication mechanism implementation, I observed that on session failover, the generated secondary id is lost and the user gets redirected to the login page/default page. Any suggestions on how I can ensure that my generated secondary token id is not lost from the replicated session?

  • Disabling javascript in specific block/div (containing suspect HTML) ?

    - by T4NK3R
    Is it, in any way, possible to disable the browser's execution of script inside a block/section/element? My scenario is that I'm letting my (future) users create "rich content" (using CK-editor). Content that will later be shown to other users - with all the dangers that implies: xss, redirection, identity theft, spam and what not... I've, more or less, given up on trying to "sanitize" the incoming XHTML, after seeing how many known "vectors of attack" there are: http://ha.ckers.org/xss.html What I'm really looking for is something like: <div id="userContent"><scriptOFF> suspect HTML </scriptOFF></div>

  • Sending mass email using PHP

    - by Alan
    I am currently writing a music blog. The administrator posts a new article every 2-3 days. Once the administrator posts an article, a mass email will be sent to around 5000 subscribers immediately. What is the best way to implement the mass mail feature? Does the following function work? function massmail() { $content = '...'; foreach ($recipients as $r) { $_content = $content . '<img src="http://xxx/trackOpenRate.php?id='.$r.'">'; mail($r, 'subject', $_content); } } Another question: If all 5000 subscribers are using Yahoo Mail, will Yahoo treat it as a DDOS attack and block the IP address of my SMTP server?

  • Ideas for building vulnerabilities into your site?

    - by Jaco Pretorius
    I'm trying to create a programming challenge that would require developers to hack into the MVC site I create. The idea is obviously to teach them about preventing these types of attacks. The current idea I have is to build multiple vulnerabilities into the site - but the second vulnerability would require the first to be completed, etc. So I was thinking the first could be a sql injection attack, the second would require a modified GET request, etc. Exploiting the final vulnerability would reveal a specific piece of information which is proof that you have completed the entire challenge. This will not be deployed on a public site - it's simply a learning tool for developers at my company. I'm not looking for MVC-specific vulnerabilities - I'm simply using MVC because it allows me to work with the 'raw' HTML. Any ideas on the different vulnerabilities I can use?

  • Secure database connection. DAL .net architecture best practice

    - by Andrew Florko
    We have several applications that are installed in several departments that interact with the database via the Intranet. Users tend to use weak passwords or store login/password written on sheets of paper where everybody can see them. I'm worried about login/password leakage & want to minimize consequences. Minimizing the database-server attack surface by hiding the database-server from Intranet access would be a great idea also. I'm thinking about intermediary data access service method-based security. It seems more flexible than table-based or connection-based database-server one. This approach also allows hiding the database-server from the public Intranet. What kind of .net technologies and best practices would you suggest? Thank you in advance!

  • Why does MySQL autoincrement increase on failed inserts?

    - by Sorcy
    A co-worker just made me aware of a very strange MySQL behavior. Assuming you have a table with an auto_increment field and another field that is set to unique (e.g. a username-field). When trying to insert a row with a username that's already in the table the insert fails, as expected. Yet the auto_increment value is increased as can be seen when you insert a valid new entry after several failed attempts. For example, when our last entry looks like this... ID: 10 Username: myname ...and we try five new entries with the same username value on our next insert we will have created a new row like so: ID: 16 Username: mynewname While this is not a big problem in itself it seems like a very silly attack vector to kill a table by flooding it with failed insert requests, as the MySQL Reference Manual states: "The behavior of the auto-increment mechanism is not defined if [...] the value becomes bigger than the maximum integer that can be stored in the specified integer type." Is this expected behavior?

  • Is it a bad idea to have a login dialog inside an iframe?

    - by AyKarsi
    We're creating a website where we will be giving out code snippets to our users which they can place on their own websites. These snippets contain a link and a javascript include. When clicking the link, an iframe containing the login dialog to our site opens. The user then authenticates inside the iframe, does his work and when he leaves the iframe his session is closed. We've got it working already and it's very slick. Our main concern though is phishing. The user has absolutely no way of verifying where the login page is really coming from. On the other hand, phishing attacks are also successful even if the user can see the fake URL in the address bar. Would you enter your (OpenId) credentials in an iframe? Does anyone know a pattern with which we could minimise the chances of a phishing attack?

  • help in security assignment

    - by scatman
    I have to write a program that sniffs network packets (part 1, the simple part), and I have to update the program (part 2) so that it will be able to terminate connections. The specific requirements are: construct raw packets by specifying data link layer and network layer information including appropriate source and destination MAC and IP addresses. These packets are intended to terminate the connection. To do so, you should use SOCK_RAW as the socket type to be able to set the header information by yourself. Can anybody give me some ideas on the second part? Should I hijack the session, apply a DoS attack on one of the users? All I need is some tips on how to terminate the connection. I am using the C programming language, and this is a course assignment for the security course.

  • The implicit function __strcpy_chk() call

    - by Summer_More_More_Tea
    Hi everyone: I'm now performing a stack buffer overflow attack test on my own PC (Ubuntu 9.10, gcc-4.4.1) based on the article http://www.tenouk.com/Bufferoverflowc/Bufferoverflow4.html. Yet I haven't achieved the goal. Each time a segfault is thrown accompanied with some error information. I compile the source code, and wanna get further information using objdump. Function __strcpy_chk is invoked in the assembly code dumped out, and it's said that "The __strcpy_chk() function is not in the source standard; it is only in the binary standard." Is this the mechanism a compiler employs to protect the runtime stack? To finish my test, how can I bypass the protection? Regards.

  • "Zoom" text to be as big as possible within constraints/box

    - by stolsvik
    First problem: You have 400 pixels width to go on, and need to fit some text within that constraint as large as possible (thus, the text shall use that amount of space). Throw in a new constraint: If the text is just "A", then it shall not zoom this above 100 pixels (or some specific font size). Then, a final situation: Linebreaks. Fit some text in the largest possible way within e.g. 400 x 150 pixels. An obvious way is to simply start with point 1, and then increase until you can't fit it anymore. This would work for all three problems, but would be very crude. The fitting of a single line within bounds could be done by writing it with some fixed point size, check the resulting pixel bounds of the text, and then simply scale it with a transform (the text scales properly too then, check out TransformUI). Any ideas of other ways to attack this would be greatly appreciated!

  • TCP 3 way handshake

    - by Tom
    Hi, I'm just observing what NMAP is doing for the 3 ports it reports are open. I understand what a half-scan attack is, but what's happening doesn't make sense. NMAP is reporting ports 139 and 445 are open... all fine. But when I look at the control bits, NMAP never sends RST once it has found out the port is open. It does this for port 135, but not 139 and 445. This is what happens (I have omitted the victim's replies): Sends a 2 (SYN), Sends a 16 (ACK), Sends a 24 (ACK + PSH), Sends a 16 (ACK), Sends a 17 (ACK + FIN). I don't get why NMAP doesn't 'RST' ports 139 and 445?

  • How do you encrypt data between client and server running in Flash and Java?

    - by ArmlessJohn
    We have a multiclient system where the client is written in Flash and the server is written in Java. Currently, communication is done in Flash by usage of flash.net.Socket and the protocol is written in JSON. The server uses a custom port to receive connections and then proceeds to talk with each client. As expected, data is sent and received on both fronts as raw bytes, which are then decoded as needed. We would like to encrypt the communication between clients and server. I have some basic understanding about public/private key encryption, but I do not know what is the best way to exchange keys or what libraries are available (in both languages) to do this. What would be the best strategy to attack this problem and where should I start looking for libraries/methods to implement this encryption?

  • ASP.NET MVC: trying out a script injection hangs Visual Studio 2010 completely?

    - by Mark Redman
    Wondering if anyone has an idea of what's going on: I am new to ASP.NET MVC and am trying out a few things with jquery/ajax. The basic scenario is a dropdownlist with an add button next to it. Clicking the add button launches a jquery ui dialog with a textbox form, entering a value saves the item to the database and refreshes the drop-downlist. The dropdownlist is re-populated using a JSON result. This all works ok. I thought I would try a script injection attack, i.e. add the text: alert("oh dear") to see what would happen and to check if I need to encode anything. When I try and save this item (similar to the same process of adding a plain text entry) Visual Studio 2010 Beta 2 hangs completely. Any ideas? UPDATE: It happens when posting: "</"

  • Architecture of a secure application that encrypts data in the database.

    - by Przemyslaw Rózycki
    I need to design an application that protects some data in a database against root attack. It means that even if the aggressor takes control over the machine where data is stored or the machine with the application server, he can't read some business critical data from the database. This is a customer's requirement. I'm going to encrypt data with some asymmetric algorithm and I need some good ideas on where to store private keys, so that the data is secure and the application's usability remains quite comfortable. We can assume, for simplicity, that only one key pair is used.

  • How to fight fake reviewers on iTunes?

    - by Tiger
    Hi, my app "Vocal Zoo Plus" is under attack of fake reviews by a competitor. Apple did nothing in similar cases and I don't even have a USA account. Any idea how to fight them? I will willingly give promo codes for my app if someone would like to help the fight and write a true review, but that would only help me in the USA, since the attack is coming from the UK as well. All other reviews, by the way, are 5 stars. The reviewer who gave me one star with false bugs happened to rate 5 stars for this competitor's apps. Any advice / help will be appreciated.

  • PHP - Using strcspn() to protect against SQL injection?

    - by MichaelMitchell
    I am making a sort of form validation system and I need to check the SQL database to see if the username is already there. So, my question, is it effective to use a little if statement like this to protect against an attack? if (strcspn($string, "/\?!@#$%^&*()[]{}|:;<>,.\"\'-+=") == strlen($string)){ return true; } So essentially, if the string contains any of these characters, "/\?!@#$%^&*()[]{}|:;<>,.\"\'-+=", then the length will not equal that of the original $string. I am just wondering if this is sufficient to protect, or if there is more that I must do. Thanks.
