July 16th, 2013, 04:30 AM
I need to design an API with reasonably secure* authentication that can be used from either an application server or a web client (e.g., AJAX running in an application loaded from an application...
January 20th, 2012, 02:50 PM
Instronics and Muracu, that's a lot of very helpful information. (My only criticism is that there's no real connection between it and my easily misinterpreted comment about a "back door!")
Some...
January 19th, 2012, 08:56 PM
gore, I should have stated that more clearly. I can "get in through a back door" by running a PHP script that lets me enter shell commands through a browser. It doesn't let me do anything without...
January 18th, 2012, 07:09 PM
Some additional notes.
I looked up DNS poisoning, and it's certainly possible, but it's not clear how I'd diagnose it or fix it. I don't even know how to find out what DNS server would be...
January 18th, 2012, 04:23 PM
Thanks for the suggestions. I'll respond as well as I can.
First, you're using some terms that I don't know (DNS poisoning, back shells), so not everything you said is clear to me. I can look...
January 18th, 2012, 06:23 AM
I'm facing a security problem on my client's web sites, and need some advice.
Two sites have suffered a total of three security breaches over the past several months. In each case a PHP script in...