How are the TROJANS working?
When the victim runs the server it does functions like opening some specific port and listening for connections. It can use TCP or UPD protocols. When you connect with the victim IP the you can do what you want because the server let you do the Trojan functions on the infected computer. Some Trojans restart every time Windows is loaded. They modify win.ini or system.ini so the Trojan can restart but most of the new Trojans use the registry so they can restart. Some Trojans has unique options like get ICQ UIN, add me to the victim contact list, ICQ [...]
Categories: Concept, Internet Security Tags: shareware threat, trojans, Vulnerable downloads
Broadband WiFi router security issue
BSNL Broadband internet is really good one. I have purchased BSNL WiFi routers for broadband connection. WiFi will allow me use internet on my laptop so really one more good feature by BSNL. But major security threat is these routers are configured for open access and setup with default settings. So this is a major security issue, By compromising these setting any one can connect to you router consol and change your settings. In Mumbai incidents happened when terrorists used open WiFi access point for sending treating emails. So securing your WiFi connections is very essential. Using following steps you [...]
WordPress directory listing and File access vulnerability
What they are/How to use them .htaccess files (or “distributed configuration files”) provide a way to make configuration changes on a per-directory basis. A file, containing one or more configuration directives, is placed in a particular document directory, and the directives apply to that directory, and all subdirectories thereof. When (not) to use .htaccess files In general, you should never use .htaccess files unless you don’t have access to the main server configuration file. There is, for example, a prevailing misconception that user authentication should always be done in .htaccess files. This is simply not the case. You can put [...]
New WordPress post not saved or published?
I always believe problem’s always teach you something new. I have deployed techchase.in on paid hosting. Lots of new problem started here After exporting all data and implementing all possible things I found that I am not able to save new post to draft or publish it. Sometimes few text get auto saved and continuous message of “saving draft” displayed and nothing happened. When tried to save or publish post manually and always come across error “nothing found for wp-admin Post php”
Disposable email
Disposable email service is for people who want to protect their online identity. It is a tool that allows users to create an on-the-spot email identity that provides anonymity and fights web inertia in one easy step. If you give Web sites and new contacts a disposable email address instead of your real one, you can selectively disable a disposable address as soon as you get spam through it, but continue using all other aliases.
Categories: Concept, Internet Security Tags: Disposable Email, email security, email tricks, Temporary email
Application Security: The Missing Pillar of Software Quality
Hi all today while reading some application security news I came across one application security white paper by HP.Some of the content of this article is as follows. Introduction Historically, application developers and quality assurance (QA) teams have not focused on security. Why? They haven’t focused on security because we have not asked them to. IT Management typically asks developers to achieve two goals—build innovative features and see that the project is completed on time. For QA teams, the expectation is to see that the application functions as intended and that it can scale effectively and perform under load (functional [...]
Categories: Concept, Internet Security, Security Testing Tags: security testing
Why You Need To Secure Your Web Applications
Website security is possibly today’s most overlooked aspect of securing the enterprise and should be a priority in any organization. Increasingly, hackers are concentrating their efforts on web-based applications to obtain access and to misuse control sensitive data such as customer details, credit card numbers and proprietary corporate data. Hackers already have a wide repertoire of attacks that they regularly launch against organizations including SQL Injection, Cross Site Scripting, Directory Traversal Attacks, Parameter Manipulation (e.g.,URL, Cookie, HTTP headers, HTML Forms), Authentication Attacks, Directory Enumeration and other exploits. Moreover, the hacker community is very close-knit; newly discovered web application intrusions are [...]
Categories: Concept, Internet Security, Security Testing Tags: auditing, Penetration testing, software flaws, Vulnerability, Website security
