Home » Information Security » Page 4
A botnet is a collection of compromised computers, each of which is
known as a 'bot', connected to the Internet. When a computer is
compromised by an attacker, there is often code within the malware
that commands it to become part of a botnet. The "botmaster" or "bot
herder" controls these compromised computers via standards-based
network protocols such as IRC and http.Is there a way to detect that
your computer is being used in a botnet-based DDoS attack?There is
some tool suc
I set up a server running debian I opened port 22 allowing access to
ssh into the port. I keep getting weird messages in my router log
saying: [LAN access from remote] from 211.161.46.101:57201 to
10.xx.xx.xx:22I looked up the IP address and it said something about
being from Beijing. Am I being hacked? I changed the password on the
server login once already and now its saying the same thing but with a
different IP address.
Often on my home network I get random SSL certificate errors when I
visit certain well-known sites. Today it was a Google SSL error, where
Google apparently tried to identify itself as *.icloud.com. In the
past we have seen errors from Facebook, Barnes and Noble, and others.
It also seems to be network-wide; my desktop, phone, and wife's phone
have SSL problems as well when we're connected to the network.I'm not
a security expert, so I have a few off-the-wall guesses as to why this
could be ha
This question has been bothering me ever since I first heard of ATM
skimmers: Instances of skimming have been reported where the
perpetrator has put a device over the card slot* of an ATM (automated
teller machine), which reads the magnetic strip as the user
unknowingly passes their card through it. These devices are often
used in conjunction with a miniature camera (inconspicuously attached
to the ATM) to read the user's PIN at the same time. This method is
being used very freq
I want to know, if in my login form there is any SQL injection
possible. If there is, what could the exploit's web form entry look
like?I send username and password by html form (POST).The login
function code is:$username = $_POST['user'];$password =
$_POST['pwd'];$password = md5(password);$sql = "SELECT id_user, name
FROM 'TAB_USER' WHERE user = '$username' AND passwd = '$password' AND
enable='Y'";$result = mysql_query($sql,$dbCon);$check =
mysql_num_rows($result);mysql_free_resul
Count this question as part of my ignorance on how authentication
scheme is done on your typical VPN session. But here goes:We often
advise the security-conscious user that if one must use an unsecured
public wifi connection (say, at an airport, internet cafe, restaurant,
etc), then always connect to a private VPN. This will allow the user
to connect and surf from a trusted network with all traffic being
encrypted.My question is this: The connection/authentication process.
Sure, VPN offe
Assuming that the answer to How does Google detect new devices for two
factor authentication is indeed cookies, how then do they store that
information securely in the cookie? AND any ideas on what they store
in there? Are they following some security pattern?I'm hoping (like
fingers crossed) that there can be more than speculation, but
understand that Google probably doesn't release that kind of
information.
Situation: An e-commerce system (specifically: PrestaShop) which is
used to sell virtual products (specifically: product license keys). To
accelerate order processing, a cronjob is supposed to be regularly
executed which looks for new orders. Each of this order is checked
against a list of criteria, if it passes the test, the ordered product
keys will get delivered via E-Mail immediately and automatically,
without human interaction.If there is an exploit in PrestaShop and an
attacker gains acc
If I follow the reasoning of a colleague it seems you should never run
Apache Webserver or Tomcat on a Windows server if you want to keep the
https certificate safe.Let me explain before this question evolves
into a Windows vs Linux troll battle.For example when using Apache
Tomcat for a https website the private key is stored in a keystore.
For Tomcat to be able to use this key we have three options:Not use
password on keystore;Keystore password needs to be entered when
starting Tomcat
I am trying to make a website and an engineer, my uncle, from Dow
Chemical is saying that user data needs to be stored behind a secure
firewall with preferably Kerberos. I really do not understand it, and
I do not think that he really has a more layman's explanation than
what he gave me. So, in short, I would like to know how it works and
what exactly it does in the most layman's terms possible. I am new in
Network Security Engineering.

- Technology - Languages
+ Webmasters
+ Development
+ Development Tools
+ Internet
+ Mobile Programming
+ Linux
+ Unix
+ Apple
+ Ubuntu
+ Mobile & Tablets
+ Databases
+ Android
+ Network & Servers
+ Operating Systems
+ Coding
+ Design Software
+ Web Development
+ Game Development
+ Access
+ Excel
+ Web Design
+ Web Hosting
+ Web Site Reviews
+ Domain Name
+ Information Security
+ Software
+ Computers
+ Electronics
+ Hardware
+ Windows
+ PHP
+ ASP/ASP.Net
+ C/C++/C#
+ VB/VB.Net
+ JAVA
+ Javascript
+ Programming
Privacy Policy - Copyrights Notice - Feedback - Report Violation 2018 © BigHow