Cloud Security

Linux provides us with an excellent firewall tool, netfilter/iptables (http: // www.netfilter.org /). It is completely free and can run well on a low-configuration old machine. Netfilter/iptables is powerful and flexible, and can be used to

As the computing and storage capabilities of smartphones increase, mobile phones will store more and more private data, and the leakage of such data may cause serious consequences. Mobile phone information security has always been one of our key

LIDS (Linux Intrusion Detection System) is a Linux kernel patch and System Administrator tool (lidsadm) that enhances the Linus kernel. It implements a security mode in the kernel-reference mode and the Mandatory Access Control command in the kernel

Like other large software, the BINDDNS server also has many problems due to its large size and complicated functions. Therefore, the number of system intrusions targeting the BIND Security Vulnerabilities is also greatly increased, and the most

Environment RedHat 7.3There are more and more hackers on the Internet, and more experts appear. How can we ensure that we can save a complete log? Hacker knows that the first thing that comes into the system is to clean up logs. The simplest and

SxidCheck the suid, sgid, and files without the master in the system.SkeyOne-time password ToolLogrotateLog loop ToolLogcheckLog Management ToolsSwatchLog management tools, more real-time than logcheckSsh (openssh)Secure Connection

A young Norwegian programmer recently discovered a Linux Bug. A simple C program can use this Bug to crash most Linux 2.4 and 2.6 suites on the x86 system.Sither, the discoverer of this Bug, said that if an attacker wants to crash the Linux system

LinuxSELinux for enhanced security is a R & D project of the U.S. security department. It aims to enhance the Linux kernel for code development to provide stronger protection measures to prevent security-related application detours, mitigate the

2. Use the eps pam module for password verification1) first back up the/etc/pam. d/system-auth file2) modify the/etc/pam. d/system-auth file in the following format: auth required /lib/security/pam_unix.so likeauth nullok md5 shadowauth

Firewalls can be divided into several different security levels. In Linux, because there are many different firewall software options, the security can be low and high, and the most complex software can provide almost no penetration protection

If you have multiple workstations, several machines that manage the Internet, or you need to connect to multiple networks frequently, you will find the tool for monitoring data packets useful sooner or later. New users may want to know how to use

Check the system password file and check the file modification date. [Root @ fedora ~] # Ls-l/etc/passwd View privileged users in the passwd file [Root @ fedora ~] # Awk-F: '$3 = 0 {print $1}'/etc/passwd Check whether there is a blank password

Do you want to harden your Linux computer? In fact, this is not difficult. There are five tools to help you achieve this goal. Chkrootkit First, we need to introduce chkrootkit. This program is designed to check the list of many well-known rootkits

If Enterprise Web pages are tampered with, the consequences are unpredictable. This not only affects normal access, but may also lead to loss of customer credibility. It is difficult to defend against unknown attacks, but it is relatively easy to

I have detected injection attacks on Sohu, TOM, and Netease portals, and found that there are also obvious injection vulnerabilities, which are very poor in security. 1. MySQL injection Detection First, let's take a look at Sohu's website. Most of

A lottery online website is a large lottery site with an injection point. The link is as follows: http: // www. ***** china.com/jst/md_end.jsp? Id = 76. This injection point is used as an example to explain how to perform manual Oracle injection

WebsiteAppearsTrojanThe main cause is system, firewall, or website application vulnerabilities. The Network Administrator is responsible for reviewing the website and maintaining the normal operation of the website. From the perspective of the

Web Application Service vulnerabilities: Web Service Overflow This is the most traditional and harmful weakness. The earliest and still widespreadAttackIt comes from the assumption that developers can trust the data input by end users. In fact, this

Bkjia.com Comprehensive Report]Websense announced the launch of the ACEInsight.com website. ACEInsight.com is a free Web site Real-Time Detection and Analysis Service provided by Websense. It is fully supported by the advanced classification engine (

On June 23, May 4, the website security detection platform of 360 issued an orange security alert saying that the recently exposed PHPCGI vulnerability has been attacked by hackers and seriously threatened to execute PHP website servers in CGI Mode.