Cloud Security

Comments: I always worry about server security, but I don't know where to start? How can we prevent attacks? How is routine server security maintenance secure? I have to submit a ticket or make a phone call for a few things. Isn't it enough time and

The OpenSSL Heart Bleed vulnerability has been confusing for the past two days. Please read this article to analyze and diagnose the OpenSSL Heartbleed Bug. Currently, we can see that the versions that can exploit this vulnerability are:OpenSSL 1.0.1

You all know what an IP address is, right? They are assigned to devices on the network to represent them. They are allocated through the DHCP server and change frequently. There are two types of IP addresses. The dynamic one will change frequently

I lost my mobile phone for half a year, so I found it back. The process was tortuous and I could write a story. There are many security-related things, hoping to inspire everyone. Samsung mobile phones have such a good function called "urgent help".

Introduction TCP can establish a connection only after three handshakes: (From wiki) As a result, there was an attack on the handshake process. The attacker sends a large number of FIN packets, and the server responds to the (SYN + ACK) packet, but

Win7 I have seen a friend using backtrack software to forge an ap and then wait for it. However, that system is still difficult for new users who have not used linux. So we should use win7, there is a function that can still meet this requirement.

First, we will introduce a script that yahoo once used to collect hardware information. You can view and download hwconfig here. It is executed on one of my systems as follows:View Code BASH 12345678910111213141516171819 [root@jay-linux

Recently, due to the problem of a centos website server, you have been constantly searching for centos security information. Below is a common iptables rule: IPT = "/sbin/iptables"$ Ipt-delete-chain$ Ipt-flush$ Ipp-input DROP #1$ Ipt-p forward

On the Internet, there are always boring people who constantly guess the passwords of others' servers every day! As the administrator of a linux server, we should know which IP addresses are constantly scanning our SSH ports to try brute force

1. allow only one IP address to log on and reject all other IP addresses.Write in/etc/hosts. allow:Sshd: 1.2.3.4Write in/etc/hosts. deny:Sshd: ALL iptables can also be used:Iptables-a input-p tcp -- dport 22-j DROPIptables-a input-p tcp -- dport

Redhat is currently the most popular type of Linux in enterprises, and more hackers are attacking Redhat. How should we reinforce the security of such servers? I. account Security 1.1: run the command # cat/etc/passwd # cat/etc/shadow to check the

Some time ago, openssl heartbleed surprised us for a few days.  From user data leakage to products around OpenSSL, from server to client, from https Private Key leakage to openvpn, openssh, sftp and other private key leakage. We can't do anything in

The filtering of added tags is lax. Today, I got the latest version of thinksaas and looked at the security issues after xfkxfk burst. However, many of them are still not filtered. Xfkxfk blew up app/tag/action/add. php. I saw the vulnerability file

In this article, I will show you how to write a PHP backdoor with non-alphanumeric characters. When writing such PHP backdoors, we first need to understand some basic knowledge: (1) Understanding PHP (2) to understand curl or other tools that can

H2 is a short and lean embedded database engine. Its main features include: free, open-source, and fast embedded database servers. It supports clusters (Subject: I don't know who will use such databases as clusters) provides JDBC and ODBC access

One interface has no permission control and can obtain all information of any employee or tenant. All information includes email, mobile phone number, ID card number, home address, marital status, job (employee), company, security questions, and

In the online execution of pythontip, you can obtain the program source code and program configuration. pythontip online programming does not shield many functions in the OS module, nor prevent open from reading file content, leading to source code

Some users of Huawei online storage can modify their passwords for users bound with mobile phone numbers (users can bind mobile phones in their settings after registration). This attack does not need to know the target mobile phone number, you only

Use tips as the rookie administrator. 1. After the intrusion is obtained by SHELL, the firewall of the other party has no restrictions and wants to quickly open an SSH port that can be accessed Execute on Broilers  mickey@vic:~# ln -sf

This article is my two-day study notes shared and shared with you. Knowledge is scattered, but for people with a certain JS base, every small knowledge will help broaden your Hack perspective. First, I declare that this article is only the tip of