Cloud Security

Author: Alpha from: http://www.54hack.info/ 1. Prevent jumping out of the web directory Modify httpd. conf. If you only allow Your php script program to operate in the web directory, you can also modify the httpd. conf file to limit the php

Dear friends, I have a bad news to tell you that while you are surfing the Internet, someone may be monitoring your mailbox and other passwords! This is not an alarmist. Do not think how difficult it is to listen to the passwords of all users in the

Logs should also be noted by users. Do not underestimate the importance of log files for network security. Because log files can record various daily events of the system in detail, you can check the causes of errors through log files, or trace the

Author: Shawn (L. Spiro) Wilcoxen Translator: riusksk (quange)   Preface Escaping from the anti-plug-in system is the biggest obstacle for new game hackers today. DLL injection is the longest surviving method. Hacker technologies/tools circulating

3. Security Testing Method Nanjing hanhaiyuan Information Technology Co., Ltd. defines the security testing method as follows: By analyzing system assets and external environments, you can analyze security requirements and propose security functions

In addition to the following methods, the mac address can also detect virtual machines.Update: You may be interested in [[the perl module | perl-module-for-virtualization alization-detection] implementing these tricks. Frequently, our customers want

Data: Version 1st: 2010/10/262nd: PrefaceSince 1980s, someone outside China began to discuss the attack methods of overflow. However, it was not noticed at the time until the disclosure by some researchers, especially the classic article on overflow

BIOS SecurityRemember to set a BIOS password in the BIOS settings and do not receive the boot from a floppy disk. This prevents malicious users from starting your Linux system with a dedicated boot disk, and prevents others from changing BIOS

// Credit: Mateusz Kocielski, Marek Kroemeke and Filip Palian// Affected Versions: 5.3.3-5.3.6 Echo "[+] CVE-2011-1938 ";Echo "[+] there we go ...";Define (EVIL_SPACE_ADDR, "xffxffxeexb3 ");Define (EVIL_SPACE_SIZE, 1024*1024*8 );$ SHELLCODE

The most common way to build Linux virtual hosts in the world is as follows: Linux operating system + Apache website container + PHP foot + MySQL databaseThe website configuration information on a server is obviously stored in the Apache

Because the domain controller is usually strictly set, when running commands using similar remote execution tools, it will often fail and prompt errors similar to not write memory, we need to use other methods to obtain the Hash. 1. Use parallel

By: isosky Today, a group of friends are sending shell requests for Elevation of Privilege. I saw him send it several times. Listening to the temptation (SAROOT password is all there), in line with the YD mentality of more than one server, put down

Author (translation) slip2008 t00ls.net #1: Disable OpenSSH Server) #2: Only Use SSH Protocol 2 (using sshv2) Protocol 2 #3: Limit Users SSH Access (restrict user login) AllowUsers root vivek jerry (root vivek jerry allowed) DenyUsers saroj anjali

Firebug is a development plug-in Firefox that integrates HTML viewing and editing, Javascript console, and network status monitor.When processing some scripts, an error occurs in the HTML Parser, which induces users to access malicious websites and

The local server architecture is LAMP. The following settings do not add much security. 1. Account Security Disable unwanted users and system accounts, or set the shell to/sbin/nologin, and set the home directory to/dev/null. The password cannot be

  This article is from the network security technology blog Apache logs are generally stored in the/var/apache2 directory (for Windows, In the installation directory log folder)   If you change the log address, don't look at it...   =================

The above is an article about rootkit that can be seen everywhere on the Internet. With a dialectical attitude, I read about things that I had learned N years ago. There are also some things worth learning from. Because getdents64 () is a system

Previously, because there was nothing important in the server, I had never followed the login log. I checked the auth only when I encountered an error in configuring ssh chroot. log, remember that this file is a login log, and I occasionally view

Just getting started, I analyzed the first vulnerability program under the guidance of the brave and wretched k _ k. Today I wrote down the process from scratch. The vulnerability program is. Download the Exploit Code (Code generated by cracking a

  It was slow to log on to the company's official website this morning. log on to the server and check the website access information: [Root @ web ~] # Netstat-anp | awk '{print $6}' | sort | uniq-c | sort-rn 172 ESTABLISHED 59 CONNECTED 589