linux security best practices

Web security practices (7) Introduction to web servers and common attack software Through the previous discussion, we have learned how to determine the type of web server. From this section, we will discuss web platform vulnerability attacks. The defect mentioned here is the defect of the server itself, not the defect caused by the Administrator's configuration. This defect can only be avoided by upgrading

practices of secure coding. Another good resource that improves your developer's security coding skills is Microsoft's msdn SecurityCommunityAnd write security code. There are a lot of books written by Microsoft software security expert Michael Howard, among which you may be interested in: "Writing Secure Code (writin

PHP permanent login, remember me function implementation methods and security practices PHP permanent login, remember me function implementation methods and security practices This article describes how to implement PHP permanent logon and remember me functions and security

the probability of service abnormal exit. It seems that the SSSD service problem is due to the system version being too low SSSD The service code has bugs, the solution is most convenient to upgrade the system or switch services to the new machine."KDC can ' t fulfill requested option while renewing credentials"The application execution log occasionally reports the following error:2014-03-12 21:30:03，593 WARN security.UserGroupInformation (UserGroupInformation.java:run(794)) - Exception encount

Apache HTTP Server software was first launched 18 years ago and has been the most popular Web Server software for more than 10 years. Apache accounts for more than 50% of the Web Server market, this also makes it the most popular attack target. Researchers from security companies ESET and Sucuri discovered the latest high-profile Apache attacks. Attackers tried to find a backdoor to access Apache and redirect network traffic to malicious websites. Aft

PHP Permanent Login, remember my functional implementation methods and security practices This article mainly introduces the PHP permanent login, remember my function implementation methods and security practices, this article focuses on the use of the database to achieve a more secure permanent login, remember my fun

Financial service providers are restricted by a large number of customers' data security protection rules. Gramm-leaching-Bliley Act (GLBA Act) is widely used and abstract, but it requires risk identification and evaluation for all types of networks, implement and monitor security measures, including wireless networks. Other regulations, such as the famous Payment Card Industry Data

Best practices for strong passwords (more security authentication levels) Policies One-time password, client certificate, smart card, biometrics and other technologies Add a new level for account security. Two-factor authentication further enhances the security of the system. The more critical the system is, the more

Web security practices (1) Common http-based architecture analysis tools "When you want to do something better, you must first sharpen the tool." in Section 1, we are familiar with commonly used tools. The subsequent sections will also discuss how to write the details of these tools by ourselves. 1.1http extension tool. (1) TamperIE. This is a browser helper object from the Bayden system. It is very simple.

provides many examples of how to secure coding. The starting point of CERT Secure coding is to establish secure coding standards for common programming languages and promote the best practices of secure coding. Another good resource that improves your developer's security coding skills is the security code section of Microsoft's MSDN

Others are best practices, because my current settings are not recommended according to the reference document, or use delegatingfilterproxy, so I can only say concise practices. First paste my applicationContext-security.xml For the above configuration instructions, the authentication-failure-URL and default-target-URL attributes of form-login can be basically set to avoid the trouble of using predictiont

PHP Permanent login, remember my feature implementation methods and security practices, PHP practices Permanent login refers to the mechanism of continuous validation between browser sessions. In other words, today's logged-on user is still logged on tomorrow, even if the user session between multiple accesses expires. The presence of a permanent login reduces t

would be a default value,If you enter '. ', the field would be a left blank. -----Country Name (2 letter code) [xx]:cnState or province name (full name) []:bjLocality Name (eg, city) [Default city]:bjOrganization Name (eg, company) [Default Ltd]:oldboy organizational unit Name (eg, section) []:it Common name (eg, your name or your server ' s hostname) []:oldboy.com.cn Note: This output information is very important, before the client obtains the certificate, it uses the host name to establish a

1. Overview: http://blog.csdn.net/chengyun_chu/article/details/4644227 In the previous security coding practices, we introduced the GS compilation options, cache overflow, and data protection dep. First, the direct consequence of cache overflow is remote execution of malicious code, so the compiler provides GS protection. However, the GS option has its own limitations, and there are several ways to bypass t

This article describes how to implement PHP permanent logon and remember me functions and security practices. This article focuses on how to use a database to implement safer permanent logon and remember me functions, if you need a friend, you can refer to permanent logon, which refers to the mechanism for continuous verification between browser sessions. In other words, the logged-on user is still logged o

Web security practices (9) attack apache The vulnerabilities provided this time have been accumulated at ordinary times, but I have only a few actual vulnerabilities, with limited time and energy. I hope you can provide and discuss more technical issues. Body 9.1Expect cross-site Vulnerability Apache will directly output the error message of the header when receiving the HTTP header, and the content of the

This article describes how to implement PHP permanent logon and remember me functions and security practices. This article focuses on how to use a database to implement safer permanent logon and remember me functions, if you need a friend, you can refer to permanent logon, which refers to the mechanism for continuous verification between browser sessions. In other words, the logged-on user is still logged o

Web security practices (10) attack weblogic This is a small experiment I spent more than two hours doing. I detected only one website and didn't systematically perform overall security analysis on WebLogic. Click it. Body 1. Search for WebLogic Methods (1) use the platform identification method we introduced earlier to identify whether it is a WebLogic Server. (2

Web security practices (11) User Name Enumeration User name enumeration and password guessing are two core components of web attack verification. This article only discusses some common cases of user name enumeration. Body 11.1 obtain the user name from the user ID of the website For websites such as blogs, forums, and friends networks, user names, ID numbers, and nickname levels are available for different

Tian haili 2012-02-27 DM is now one of the essential services required by domestic operators. The DM service operator can understand the user terminal situation and data usage, and the customer service mode has changed. The terminal manufacturer can reduce the after-sales cost and configure parameters and upgrade the subsequent versions more conveniently. China Mobile calls the DM Service enhanced after-sales service. This series of articles provides best