guidetowebsecurity.com

If you subscribe to Cable or DSL broadband at home, then you are likely to be casually “attacked” by hackers up to three dozen times a day. Especially if you use Windows XP or other Windows operating systems, you are a prime target for savvy hackers who will exploit your fulltime Internet connection.

As good as Microsoft products are, they are also obsessively targeted by hackers around the world. Small Microsoft “holes” perforate your computer, including: your administrator account, your ICF firewall service, your guest logon, your shared folders, your messaging services, your Identifier Broadcasts, your port openings, and Read the rest of this entry »

“Facebook alleges that in June servers controlled by the defendants used automated scripts to make more than 200,000 requests for personal information stored on Facebook’s site. The allegations are contained in an amended lawsuit filed earlier this month in U.S. District Court in San Jose, California.

The company first filed suit back in June, but amended the complaint this month after obtaining court orders to identify who controlled the servers trying to access its site.

Read the rest of this entry »

Always bear in mind that your IP address is public, so that whenever you access the Internet, you are always heading for a security risk. An IP address that will identify your PC can be located whenever you access the Internet. If you are not protected, your IP address address can be used by others to access your computer from anywhere in the outside world. One larger security is a fixed IP address.

Using a modem with a dial-up connection will get you a new IP address every time you connect to Internet. This is not true if you have a fixed Internet connection (cable, ADSL, fixed line), because your IP address will never change. This will allow potential Internet crackers to be able to access your computer everytime they want to, and to store and share (with other crackers) information and data that they might find about your unprotected private data.

Web application development is very different from other environments. Web browser and the nature of HTTP pose security pitfalls not found in traditional client-server applications. Web developers must know how web servers and browsers interact, the nature of Internet communications, and the attacks web applications undergo on the Internet. If you think your network is secured by a firewall and network intrusion detection system, think again. Security flaws in web applications easily bypass firewalls and other basic security measures. Many banks, military and e-commerce sites have learned that lesson. It’s easy for a well-experienced software developer to unwittingly create a web application that allows outsiders access to files on the server, gather passwords and customer information, and even alter the application itself despite firewalls and other security measures.

Web caches can be deployed in a variety of ways. User agent caches, such as those in web browsers, are private caches, operating on behalf of a single user. Intermediaries can also implement shared caches that serve more than one person.Caching was originally designed to speed up content access and reduce the need for the enterprise to purchase expensive bandwidth. Initially the cache was the object of everyone’s desire to accelerate applications. As a result, Web 1.0 applications had their own protocols (HTTP, FTP, NNTP, RTSP, etc.) each with their own caching needs.

Web 2.0 applications replace their Web 1.0 predecessors with standard use of HTTP and HTTPS, obsolescing the need for separate protocols supporting separate applications and hence the caching needs they require. Rapid adoption of Web 2.0 applications and wide availability of inexpensive bandwidth dictates a review of how network traffic and application use have changed:  

by Andrea

This technique allows only certain predefined IP addresses to access the web site. Usually this method is used to curb the audience of the web site to precise physical areas or user communities. A widespread use would be a library that purchases a web-enabled database. The license for the record or database might denote that only users on a particular campus can access a  source as a result, the web site’s IP address limitations would be set to contradict everyone. A good number of  web servers hold up very granular levels of IP restrictions. IP address restrictions are an uncomplicated way to confine a web sites, but are fully  dependent on being able to classify the restricted audience by series of IP addresses.

by Andrea

Scrutinizing the security of these web assets on the network for possible vulnerabilities is overriding. All modern database systems may be accessed all the way to specific ports and anyone can attempt unswerving connections to the databases effectively to evade the security apparatus used by the operating system. Acunetix Web Vulnerability Scanner guarantees website security by automatically checking for SQL injection, Cross site scripting and other troubles in the web. It verifies password strength on authentication pages and mechanically inspects the  web applications. When the scan is complete, the software creates thorough reports and locates where the vulnerabilities come from.

by mheo soriano

Destructive trojans

This is one of the most irritating Trojans as it is designed to destroy and delete files stored in your pc. Some can automatically delete system files, gradually slowing down the system and corrupting it as an end result. The attacker can either activate the Trojan manually or program it to function in a specific time and date.
Destructive Trojans works similarly like a virus, but the difference is that it is created to attack your system (virus causes damage as a “side effect” of infecting files) and is least likely to be detected by your anti-virus software.

To be continued…

by mheo soriano

What are they?

Trojan Horse is a type of “Malware” or Malicious Softwares which causes harm to a computer system. It got its name from the Trojan Horse in the Greek mythology as it disguises itself as a useful program and not a Malware thus tricking the users of what they really are.

A Trojan Horse is NOT a Virus

But most people think that a Trojan Horse is a type of Virus this has been a common misconception that many people share for years.

Yes both are programs harmful to your computer system, but this is the only similarity the Virus and the Trojan Horse has. Unlike the virus which multiplies it self, the Trojan Horse is not designed to multiply but it is designed to do one of two things: either destroy or modify data or extract confidential information such as passwords, credit card numbers etc.

Or did they, well that was the shocking thing about the whole incident that was a s recent as a month ago. Apparently, people from Symantec concocted some test for their many installed security software that was to be sent out to do some testing for their intrusion prevention system. The bad thing was, the file was sent out into the wild of the internet without the proper security signatures that tells the many security systems with firewalls that they are indeed from the known security software developer, allowing it in. There was nothing wrong with the myriad of firewalls installed, they performed flawlessly, detecting the intrusion and raising the red flags to inform the many system administrators that there was indeed something abuzz. The test software went through for the system recognized it and did it’s thing but right after was a flurry of calls to the company hot line from alarmed customers who were fearing they were being attacked. Read the rest of this entry »