Cloud Security

• Use a firewall in the peripheral network or operating system to filter inbound requests. Only approved sources and destinations can be connected through RDP, and users who can connect to these servers can be restricted. If a person in a specific

I caught a handshake packet, and spent a lot of effort to run the password out of the dictionary, but I couldn't connect to the wireless router at the end ...... Come on, and create an experiment together! Step 1: Set up a wireless router for the

Reaver cracking Wireless Router password basics Currently, the Wi-Fi router on the market has enabled WPS encryption protection before leaving the factory, and such a "good intention" is actually quite safe. However, Stefan Viehbock, an information

In the first article in this series, we introduced the situation of DDoS attacks on our customer service system and the reasons why we decided to use self-built CDN to solve this problem. Next, we will introduce the specific construction plan of

The Internet is rich and colorful. Basically, we can find the resources we need, because many of our friends have joined the ranks of webmasters. There will also be a fight between many webmasters. In particular, our personal webmaster, due to

Today, John Nagle (the one who invented the TCP Nagle algorithm) mentioned in the mail list that he wanted OpenSSL to provide some methods to automatically detect man-in-the-middle attacks. Simply put, the man-in-the-middle attack will change the

This method prevents SYN Flooding DoS attacks/proc/sys/net/ipv4/tcp_syncookies, it is implemented by using the three handshakes of tcp data packets SYN. This method is called SYN Flooding. We can enable the kernel SYN Cookie module to prevent

As DDoS attacks become increasingly fierce, the scale of attacks is also growing. How Should users choose DDoS cleaning solutions and products to avoid unnecessary equipment procurement? Finally, they can choose their own products to control costs

This post uses a small and medium-sized company as an example to describe a simple method for APT to perform "step-by-step". In this post, the step-by-step method is relatively simple, but it is the first step for sustained penetration. The target

We often encounter an Internet IP address and terminal failure when the server is powered on 3389. Today, we can see that a method that is loose is to use a permission escalation tool to execute a vpn batch process, then access the server through

# Exploit Title: ShopEx # Date: 30/01/10 # Author: cp77fk4r | empty0page[SHIFT+2]gmail.com| www.DigitalWhisper.co.il # Software Link: http://www.shopex.cn | http://www.shopex.cn/download/

Long Ying Today, over built a new blog to deploy vulnerabilities. In the evening, I went to check out the bo-blog program. When I saw the above message board, I remembered the xss Cross-Site vulnerability. Go to the message board page and select

Test method:The Program (method) provided on this site may be offensive and only used for security research and teaching. You are at your own risk! DescriptionThe Windows Skype client implements two URI handlers, Skype: and Skype-Plugin. both

From YJPS S BLOG ======================================Vbulletin 4.0.2 XSS Vulnerability====================================== [+] Vbulletin 4.0.2 XSS Vulnerability 1-=- =-= 00 _ 11/_ '/\__/_ '00/\ _, ___/\ _ ___, _/_ ___ 11/_ '/_ \ _ 0 // \__/\_\_/1

From vbs small shop s blog + ---------------------------------------------------------------------------- +| Contact Info |+ ---------------------------------------------------------------------------- +Author: VengyModiy: lcxEmail:

Test method: The Program (method) provided on this site may be offensive and only used for security research and teaching. You are at your own risk! ------------------------------------------------ Multiple Vulnerabilities in EASY Enterprise

#! /Usr/bin/python # Exploit title: SAP MaxDB Malformed Handshake Request Remote Code Execution # Date: 2010.03.26 # Author: S2 Crew [Hungary] # Software link: sap.com # Version: 7.7.06.09 # Tested on: Windows XP SP2 EN # CVE: ZDI-10-032 # Code: ##

From Minghackers Vulnerability description:The dedecms 5.5 program exposes the website path information. : Parse error: syntax error, unexpected T_ELSE in I: dedecms. compublic_htmlpluspaycenteralipayeturn_url.php on line 13 Warning: require_once

Author: hiicomeSomeone looks for the SHELL method. I tried to build a local device. Very simple. Of course, there are limitations. The IIS resolution vulnerability of the WIN host is required. Enter the background. Click Page Management. Click the

Vulnerability Description: nginx is a high-performance web server that is widely used. It is often used as a reverse proxy and supports PHP operations. 80sec finds that there is a serious security problem. By default, it may cause the server to