Use cryptography appropriately Use of cryptography is critical to providing authentication. Without the use of cryptography, it is not possible to protect a system from the weakest of adversaries. However, designing cryptographic systems is a difficult and subtle task. We offer some hints to help guide the prospective designer in using the...
Written by GentleGiant on 01/29/12 at 14:03:42 EST
A cross-site scripting (XSS) hole is when an attacker can inject scripts into a page sent by your server. Browsers treat these injected scripts like any other script in the page. For example, if http://www.yoursite.com/search?q=<scrypt>alert(5) returns "
There were no hits for...
Written by GentleGiant on 01/24/12 at 14:54:17 EST
Adobe will turn over its Flex SDK 4.6 development environment to the Apache Software Foundation, as the company claims to further its commitment to HTML5 as the “best technology for enterprise application development” in the long term. Adobe recently updated its “Your Questions About Flex" page to include information on what will...
The NOKEY warning is not really a problem. It won't prevent you from doing anything. (The yum error, though, will usually prevent you from installing software.) If you'd like to resolve it, do the following command to get the correct key for the site you're downloading from: You must be root to do any of this. Red Hat and Fedora:...
How do I install software in Fedora? (How to use yum or an RPM)- Fedora has thousands of pieces of software that can be downloaded and automatically installed from the Internet. Often people want to use install or update software using the command line. For this you use a program called "yum". First become root, and then you can use the...
I'll give you a summary: Fedora is a Linux distribution from Red Hat that doesn't cost any money, includes only open-source software, and always includes the latest versions of software. Fedora is a community-supported project. That means that you can be involved in creating Fedora, if you want. A new version of Fedora comes out every six...
The other day I had to install some software for a customer to run the Clip Bucket ( http://www.clip-bucket.com) script on their server. It was a lot of steps to install so I documented it and posted it here for me to find the next time someone wants such a site. Also its cool that I am sharing with you so you don’t have to research like I did...
MP4Box is a MP4 multiplexer, which can import MPEG-4 video, DivX, XviD, 3ivx, h264 etc, audio streams and subtitles into the .mp4 container. The end result is a compliant MP4 stream. It can also extract streams from a .mp4. MP4Box is a command line tool, but can be used with graphical user interfaces such as YAMB or my MP4box GUI. 1) Download...
UNIX file permissions control who can do what to a file or directory. This is the only way to protect documents on your Web server, so it is important to discuss them in some detail. UNIX permissions have three different levels of access to define who can do what to a file or directory: The owner of the file (User) A group of users who...
How to keep a detailed audit trail of whats being done on your Linux systems Image Intrusions can take place from both authorized (insiders) and unauthorized (outsiders) users. My personal experience shows that unhappy user can damage the system, especially when they have a shell access. Some users are little smart and removes history...
Use ausearch command as follows: # ausearch -f /etc/passwd OR # ausearch -f /etc/passwd less OR # ausearch -f /etc/passwd -i less Where, -f /etc/passwd : Only search for this file -i : Interpret numeric entities into text. For example, uid is converted to account name. Output: ---- type=PATH msg=audit(03/16/2007 14:52:59.985:55) :...
Let us say you would like to audit a /etc/passwd file. You need to type command as follows: # auditctl -w /etc/passwd -p war -k password-file Where, -w /etc/passwd : Insert a watch for the file system object at given path i.e. watch file called /etc/passwd -p war : Set permissions filter for a file system watch. It can be r for read, w for...
The answer is to use 2.6 kernels audit system. Modern Linux kernel (2.6.x) comes with auditd daemon. Its responsible for writing audit records to the disk. During startup, the rules in /etc/audit.rules are read by this daemon. You can open /etc/audit.rules file and make changes such as setup audit file log location and other option. The default...
Find The Linux 'find' command will list files and directories that match the arguments to the command and pass specified tests. For example, to find all 'txt' files in the home directory, the following command can be used: find ~ -name *.txt The '~' means start at the user's home directory and the -name is a test which means list only files...
http://www.linux.org/" target="_blank">Linux is a popular free Unix version, initially for the Intel xx86 set of platforms, but now also for other processors: Alpha, ARM, Motorola 680x0, PowerPC, SPARC. In the server area it has become one of the most popular operating systems. Support for...