Cloud Security

http://soroush.secproject.com/blog/2013/04/microsoft-xmldom-in-ie-can-divulge-information-of-local-drivenetwork-in-error-messages/ Another ws method, the person who knows the goods naturally :) It is a bit of a problem to judge the poc in the file,

1. Linux SSH Security Policy 1: Shut down the majority of hosts attacked on the unrelated port network, which are targeted by hackers who use scanning tools for a wide range of scanning. Therefore, in order to avoid being scanned, all ports, such as

What is a CC attack? CC attacks use a large number of proxy servers to initiate a large number of connections to the target computer, resulting in depletion of the target server resources and DOS. So how can we determine whether to query CC attacks?

Author: gbm team: www.anying.org Original: http://www.anying.org/thread-3710-1-1.htmlReprinted, please indicate the author and team, the offenders must investigateI have been writing articles related to linux for a long time. As a pseudo-technology

Let's take a few pictures first. I tested them.See my test diagram. 1. First, make sure that "Account Security daemon" is enabled in the daemon function.   2. Check the code   3. run the command in bat format. During the running process,

Foreign hackers discovered a Linux kernel 2.6.37-3.8.9 vulnerability. Successful exploitation of this vulnerability may lead to privileged users. It is still fresh. Let's take a look. Relatively easy to use ~Http://fucksheep.org /~ Sd/warez/semtex.

Lnmp combination is a good choice for small memory vps .. my website has been using lnmp. Recently I helped my friends build several websites on their own vps. dedecms always worried that the affected website would be affected by the outbreak of

I haven't written anything for a long time. The study class is boring. Let's sum up the method for breaking through the terminal. I am a newbie on the Internet and I am actually using it.The first is the online method. 1. Command: win + R, win + D,

Today, I want to talk to cainiao about the protection and inspection work we should do after the server is killed from the perspective of intruders. Daniel is familiar with system reinforcement and security issues, I have never worked on security

IOS runtime attacks are currently popular in two ways:Dynamic Link Library InjectionTo modify the implementation of the API method by writing a customized dylib file and setting the DYLD_INSERT_LIBRARIES environment variable (seeMac hook-DYLD_INSERT_

Once our linux host is exposed on the internet, it will be harassed by some illegal users from the network. Such as weak password scanning and tentative logon. These behaviors pose certain threats to linux Hosts. So how can we prevent such attacks?

I. Vulnerability descriptionCurrently, Backdoor. AndroidOS. Obad. a, known as the "strongest Android trojan in History", uses the Android Device Manager Vulnerability to Prevent Users From uninstalling it normally. In fact, this vulnerability was

0x00 JavaEE Basics JSP: The full name is java server page, which is simply a simplified Servlet. Servlet: Servlet is a server-side Java application that can generate dynamic Web pages. JavaEE: JavaEE is a new J2EE name. The purpose of renaming is

Previous logRestrict nginx cross-directory browsingTo some extent, hackers are limited. However, with the increasing number of webshell functions, users can still access the areas they are not supposed to access through other methods, such as

 Background: Yesterday I made a serious mistake. When I checked the security of several websites on a server, the JSky File Deletion vulnerability caused the files on several sites.Deleted (I was later aware of this JSky vulnerability ). I did not

I. Vulnerability Introduction Vulnerability impact IIS7 and IIS7.5 when FastCGI calls php, set cgi. fix_pathinfo = 1 in php. ini.In this way, when the URL of an arbitrary file is accessed and "/x. php" and other characters are added to the URL, the

Struts vulnerability repair process S2-016. The evil Struts appeared again, this time being a remote execution vulnerability. We recommend that you upgrade to 2.3.15.1 immediately. I hope this is the last vulnerability fix. The upgrade procedure is

SQL Server is a sensitive information library for organizations. Managers must ensure that only authorized users can access this sensitive information. However, it is not easy for SQL Server to be configured securely without generating errors. As a

Yesterday, a zero-day vulnerability about firefox17 (20.1) was published on the Internet. The vulnerability was reported to be used by the FBI to track users in the Tor network for investigation and evidence collection. POC: Streamlined

A major selling point of Apple's new iPhone 5S is its security features, including its new fingerprint processor and the Built-in anti-theft feature in the next-generation iOS 7. However, a bug that has existed since the previous generation of iOS 6