Clik here to view.
Scanning Vendors (non-PCI related) – Hype or Not?
For months now, when building websites for clients, I’ve come across virtually trillions of “Site Security Scanners” supposedly endorsed/approved by various shared web hosts who claim to run XSS, SQL...
View ArticleClik here to view.
CentOS PCI Compliance assessment
We are currently working our way through a PCI compliance assessment on our server running CentOS. We are getting a lot of ‘severe’ issues with suggested fixes. The suggestions to rectify the issues...
View ArticleClik here to view.
images security
How I can check all my images on server, they don’t prepared with maulicious code ? I mean for example Gif PHP exploits and so on… Is this a homework question? How to harden a server is well beyond...
View ArticleClik here to view.
Is my dns server being attacked? And what should I do about it?
I’ve been having some intermittent dns problems with a web server, where certain isp’s dns servers don’t have my hostnames in cache and fail to look them up. At the same time, queries to opendns for...
View ArticleClik here to view.
CentOS Vulnerabilities – Exploits/Payloads
I’m doing an academic work where I have to find vulnerabilities in CentOS and show how to take advantage of those same vulnerabilities. I’m no hacker and I’m finding this task to be of great...
View ArticleClik here to view.
How to check that a known Windows Vulnerability has been patched?
Is there a way in Windows to check that say Security Bulletin MS**-*** or CVE-****-***** has been patched? e.g. something akin to RedHat’s rpm -q --changelog service Windows 2008 R2 SP1 Running...
View ArticleClik here to view.
Apache server ? Vulnerability check
We are running apache web server on fedora 8 and need to check for vulnerabilities. What should we check? Asked by neolix What you’re doing is generally ill-advised, however you can take some steps to...
View ArticleClik here to view.
chkrootkit results – php session files not found
From time to time when I run chkrootkit I get the following results: Searching for suspect PHP files... /usr/bin/find: `/tmp/sess_nq0tiekcsl41jb93795gnrug54': No such file or directory /usr/bin/find:...
View Article
