Search Results - Antionline Forums - Maximum Security for a Connected World

Search:

Type: Posts; User: slarty; Keyword(s):

Page 1 of 20 1 2 3 4

Search: Search took 0.04 seconds.

  1. Replies
    14
    Views
    2,644

    A CAPTCHA is only going to be broken if: 1....

    A CAPTCHA is only going to be broken if:

    1. It's a common kind of CAPTCHA which is installed on so many sites that someone will put the effort into breaking it
    2. It's a very high-value target...
  2. Replies
    19
    Views
    2,794

    One possible idea would be to have your...

    One possible idea would be to have your inbound/outbound mail routes through a secure hosted machine elsewhere (outside the ISP).

    Ensure that mail in and out only goes via that host, and is...
  3. Replies
    10
    Views
    3,172

    It would be fairly simple for them to block you,...

    It would be fairly simple for them to block you, even if you disguise your user agent. However, instead of blocking you, they could simply send back rubbish data to your bot, causing you to make...
  4. Replies
    1
    Views
    832

    Most uses of the system() function will be...

    Most uses of the system() function will be incorporating user supplied data in some way into the command line.

    If this isn't checked or escaped very carefully, it will be possible that a malicious...
  5. Replies
    4
    Views
    1,337

    The Atheros chipset seemed considerably more...

    The Atheros chipset seemed considerably more capable than any other I've tried... its main cool feature is operating in several modes at once (e.g. it can be an accesspoint AND a station).
  6. Replies
    10
    Views
    2,425

    It basically boils down to: 1. Don't pass any...

    It basically boils down to:

    1. Don't pass any string directly into SQL without appropriate escaping - ideally use prepared queries
    2. Audit use of dangerous functions such as eval(), system()...
  7. Replies
    7
    Views
    1,464

    McKinnon was an idiot for what he did and...

    McKinnon was an idiot for what he did and deserves justice, but not what the US have in store for him.

    I hope the lords see sense and block his extradition, at which point he can be tried here...
  8. Replies
    7
    Views
    1,190

    Consider analysing large files etc that are using...

    Consider analysing large files etc that are using most of your bandwidth. Assuming you have direct access to the log files, you can see which files are responsible for most of the bandwidth and...
  9. Replies
    55
    Views
    5,637

    If the web mail account uses HTTPS, you're safe....

    If the web mail account uses HTTPS, you're safe.

    Otherwise, you're probably at risk.

    Open wifi networks are easy to intercept from some distance away - this makes them very risky. If you're...
  10. Replies
    6
    Views
    1,171

    You should set up a separate virtual host on the...

    You should set up a separate virtual host on the HTTP site, and simply configure it with a redirect to the HTTPS site.

    For example, if you were using Apache,



    <VirtualHost *:80>
    ...
  11. Replies
    8
    Views
    8,303

    Yes, all Atheros chipsets have these advanced...

    Yes, all Atheros chipsets have these advanced features.

    "Monitor mode" is not the same as promiscuous mode. "Promiscuous" mode accepts packets from any host on the same wireless network, whereas...
  12. Replies
    7
    Views
    1,528

    Most routers will behave as a wireless access...

    Most routers will behave as a wireless access point anyway. As mentioned by stevel, you need to disable the router's DHCP server.

    I use this configuration:
    - Disable DHCP server
    - Assign a...
  13. Replies
    5
    Views
    1,249

    Session timeout can also be set on a per-session...

    Session timeout can also be set on a per-session basis in the application, and there are other reasons for sessions timing out.

    In ASP-classic (Which I assume is what you're referring to),...
  14. Replies
    5
    Views
    1,562

    Running a honeypot without egress filtering is a...

    Running a honeypot without egress filtering is a REALLY bad idea.

    Your machine will start doing all manner of bad egress once it is compromised, and subsequently your IP will get blacklisted, your...
  15. Replies
    7
    Views
    797

    If all these devices are logically on the same...

    If all these devices are logically on the same ethernet segment, they should probably be in the same IP range.

    If you're running out of IPs, consider using a LAN IP range bigger than class C. The...
  16. Replies
    9
    Views
    1,297

    I think I completely misread the question- I...

    I think I completely misread the question- I described a scenario for having two wireless nodes out of range of each other talking via a pair of accesspoints and a wired network.

    What the OP...
  17. Replies
    9
    Views
    1,297

    Rather than using wireless routers, if you shun...

    Rather than using wireless routers, if you shun their routing ability, and just make them behave as bridges, then you can certainly do this.

    Routing is a red herring- you don't need any routing to...
  18. Replies
    5
    Views
    1,362

    I second Wireshark (previously known as...

    I second Wireshark (previously known as Ethereal). It works on Linux and Windows, and is (relatively) easy to use with a GUI.

    There are a few weird things, like the capture filter syntax is a bit...
  19. Thread: MySQL Probelm

    by slarty
    Replies
    8
    Views
    946

    Rather than increasing the maximum number on the...

    Rather than increasing the maximum number on the server, try reducing the number of client connections instead.

    If you have one or more web servers connecting to the MySQL, try reducing the number...
  20. Thread: Ip Alias

    by slarty
    Replies
    9
    Views
    1,595

    You can run several IP networks on the same...

    You can run several IP networks on the same ethernet LAN. This is not a normal configuration, but it is a valid one.

    Provided there aren't any duplicate addresses (e.g. non-overlapping IP ranges),...
  21. Replies
    56
    Views
    15,767

    Open wireless access points don't have any...

    Open wireless access points don't have any encryption or authentication. So unless you're using a protocol which has some built in (e.g. HTTPS), your traffic may be compromised by a sniffing and/or...
  22. You could rename the main() method in a.c and...

    You could rename the main() method in a.c and then declare it in an external header file (a.h).

    Then include that header file in b.c and just call the renamed main method. When compiling the...
  23. Replies
    1
    Views
    867

    You're not going to be able to configure those...

    You're not going to be able to configure those types of options without root access to the server. Apache needs quite a few of those options in httpd.conf (or its includes).

    If you can't do it in...
  24. Thread: Error logs

    by slarty
    Replies
    6
    Views
    1,030

    Don't let your web site being hit by worms alarm...

    Don't let your web site being hit by worms alarm you; this happens to every web server, all the time- in fact often many times per day.

    These worms pick random IP addresses and/or hostnames to...
  25. Replies
    3
    Views
    799

    It's a web client limitation. It's built into the...

    It's a web client limitation. It's built into the client application and is completely deliberate, and is a feature not a bug.

    The W3C recommend that a web client application creates no more than...
Results 1 to 25 of 500
Page 1 of 20 1 2 3 4

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides