Cloud Security

Batch Trojan mounting in data databases has become one of the main methods for Trojan mounting. There are also many different Trojan Code published by webmasters on the Internet. The big and many different types of code disagree with each other,

1. If an online user finds an exception, he/she should immediately disconnect the connection. If you find that IE often asks you if you want to run certain ActiveX controls, generate Mo Ming's files, and ask about debugging scripts, be sure to be

About partitionsIf a potential hacker attempts to attack your Linux server, he will first try Buffer Overflow. In the past few years, buffer overflow is the most common form of security vulnerabilities. More seriously, the buffer overflow

Address space layout randomization [ASLR] is a technology designed to prevent buffer overflow. By randomizing the layout of linear zones such as stack and shared library ing, attackers are prevented from locating attack code, to prevent overflow

The. exploit-db website broke out in July 14Struts2 Remote Arbitrary Code Execution VulnerabilityThis vulnerability is very harmful. It can be said to be the root of a hundred machines. As long as the Struts2 and webwork framework systems are used

Recently, this vulnerability is very popular. In short, it is a malicious constructed shortcut that can execute file code.Only a few learning skills + limited time, the specific content will not talk about, just put some connections up. Symantec's

Affected Versions: Ipswitch IMail 11.01Vulnerability description: Bugtraq id: 41719 Ipswitch IMail Server is a bound email Server in the Ipswitch Collaboration component. The imailsrv.exe process is used to process messages sent to imailsrv. If

When WINDOWS accesses port 139, it automatically uses the current user and password to connect, resulting in leakage of the user password. Although the password is encrypted, it can also be used for attacks. The following is the SMB password

Affected Versions: Apple Safari 5. xApple Safari 4.xVulnerability description: Bugtraq id: 42037CVE ID: CVE-2010-1785Safari is the default WEB browser bundled in the Apple family machine operating system. Safari Webkit does not correctly implement

Linux is a Unix-like operating system. Theoretically, the design of Unix itself has no major security defects. For many years, the vast majority of security problems found on Unix operating systems mainly exist in individual programs. Therefore,

Man8_msf Recently saw oracle reinforcement experience in the blog of the coflies article: http://www.bkjia.com/Article/201008/54895.htmlIn combination with your own experience.1. delete or lock an accountAlter user username lock;Drop user

These locations are often exploited by viruses to gain control of the system as soon as possible at startup, thus damaging the user's computer. These self-starting locations

【SunanBlog Introduction]I did some research on the data of custom http protocol a few days ago. I suggested using a proxy server for ip address forgery, but later I found that, in fact, you can add an option in the http protocol to

Html "target = _ blank>Peng I saw some people comment on the articles I wrote a long time ago, so I read them again. In fact, I still agree with my own point of view. I just don't want to think about these things now, these are just the issues I

When a foreigner tweeted to CSRF, he used the cross-origin vulnerability in the CSS style sheet to read twttr. form_authenticity_token and then carried out CSRF. Reference: http://seclists.org/fulldisclosure/2010/Sep/64 PS: After talking with

If you don't understand what CSS-String-Injection is, read the blog of the following two cool people:《Another powerful cross-origin Vulnerability"Htmll "target = _ blank>IE8 CSS cross domain bug"In fact, I am talking about a problem, but I think the

The IP address is equivalent to the house number of the network user. The so-called IP Address Spoofing means that an attacker impersonates another person's IP address and sends packets. Because the IP protocol does not authenticate the IP address

The following articles mainly show you how hackers can hide their actual operations on the server. The following hidden solutions are summarized by myself in actual operations, depends on the situation. The following methods are generally used to

Zero-day attacks can destroy a network. They will attack vulnerabilities in applications that developers do not know or have not developed the corresponding patches. Hackers can exploit these vulnerabilities to execute code on your network, or even

5up3rh3iblog A blog written by Chris Evans a few days ago :《Minor leak, major headacheIn fact, the window used in it. the onerror Cross-Domain Information Leakage Problem is a vulnerability that exists for n years... the last time I tested it in an