Security is the degree of protection against danger, damage, loss, and crime. Security as a form of protection are structures and processes that provide or improve security as a condition. [http://en.wikipedia.org/wiki/Security]
I started reading this book 2 days ago (135 pages read of 412 pages). It is quite interesting, especially the chapters about pseudo-random generator quality and bias, zero-knowledge protocols, and polymorphic virus bodies using a relatively small algorithm (TEA)... It also proposes some solutions, but I have not reached that chapter yet...
Hackers have uncovered the dark side of cryptography - that device developed to defeat Trojan horses, viruses, password theft, and other cyber-crime. It's called cryptovirology, the art of turning the very methods designed to protect your data into a means of subverting it. Malicious Cryptography: Exposing Cryptovirology
Preface by security expert Bruce Schneier (Practical Cryptography, a reference)
A lot of Mambo/Joomla sites were hacked last week. Since I've already helped someone harden an installation (Mambo 4.5.2.3), I've decided to write a tutorial for the benefit of the open source community...
Some steps are common sense while others are not.
But:
Consider this page a work in progress; feedback is, as usual, welcome. Click read more for the article.
Read more: Todo list for securing Your Joomla/Mambo installation against hackers
The Joomla Project has announced the availability of Joomla 1.5.8.
This release contains a number of bug fixes and two moderate-level security fixes, and you would be well advised to upgrade to this version if you are running any other Joomla 1.5.x version. (Users of Joomla 1.0.x are urged to ensure they are running Joomla 1.0.15, but do not need to migrate to Joomla 1.5.8 immediately.)
Joomla patches for SecurityImages 5 will follow in a few hours... (before 22:00 GMT+1)
This article is extracted from:
Joomla! Web Security
Secure your Joomla! website from common security threats with this easy-to-use guide
For more information, please visit:
http://www.PacktPub.com/joomla-web-security-guide/book
Joomla!, a very popular content management system (CMS), is, as you may know, easy to deploy and use. This ease of use has lent itself to rapid growth of both the CMS and extensions for it. You can install it on almost any host, running Linux or Windows. This highly versatile software has found itself in such lofty places as large corporate web portals, and humble places such as the simple blog.
Joomla! itself is inherently safe, but misconfigurations of the CMS, vulnerable components, hosts that are poorly configured, and weak passwords can all contribute to the downfall of your site. Hence, it's always better to ensure the security of your site.
In this article by Tom Canavan, we will take a look at how SQL injection attacks can occur to your Joomla website, how we can test for SQL injection attacks, and how to stop SQL injection.
Mark Twain once said, "There are only two certainties in life - death and taxes." Even in web security there are two certainties: It's not "if you are attacked", but "when and how" your site will be taken advantage of.
There are several types of attacks that your Joomla! site may be vulnerable to such as CSRF, Buffer Overflows, Blind SQL Injection, Denial of Service, and others that are yet to be found.
The top issues in PHP-based websites are:
Read more: Preventing SQL Injection Attacks on your Joomla! Websites

If you are running any of the following Joomla versions it might just be a matter of time before you too are hacked!
The Joomla Project announces the immediate availability of Joomla 1.5.13 [Wojmamni ama baji]. This is a security release and users are strongly encouraged to upgrade immediately.
This release contains 26 bug fixes, two moderate-level security fixes and one low-level security fix. It has been 3 weeks since Joomla 1.5.12 was released on July 1, 2009. The Development Working Group's goal is to continue to provide regular, frequent updates to the Joomla community.
Statistics for the 1.5.13 release period:
Just in case I take too much time to deliver a ready-to-use download. Duration: 5 minutes, but you need to understand basic PHP coding.
I do this for you at each release of Joomla!
The hosts file is a computer file used by an operating system to map hostnames to IP addresses. This method is one of several methods used by an operating system to locate network nodes on a computer network. Spybot Search and Destroy uses this technique behind the scenes when you click the Immunize button.
Found at http://someonewhocares.org/hosts/
Use this file to prevent your computer from connecting to selected internet hosts. This is an easy and effective way to
There is a version of this file that uses 0.0.0.0 instead of 127.0.0.1 available at http://someonewhocares.org/hosts/zero/. On some machines this may run minutely faster, however the zero version may not be compatible with all systems.
This file must be saved as a text file with no extension. (This means that the file name should be exactly as below, without a ".txt" appended.) Let me repeat, the file should be named "hosts" NOT "hosts.txt".
Read more: Hosts file protection
Here is the latest version of my growing mind map that will help you to secure your Linux box. While some nodes are clearly targeted toward Joomla!, you can still safely apply a lot of my recommendations to any LAMP (Linux, Apache, MySQL, PHP) server.
This mind map is an ongoing work, which is why it also has a version number in it (v1.6). As soon as I learn new tricks, the mind map will be updated.
Added Crash – Kernel Panic / Password / Intrusion Detection / Joomla! links / PHP settings / mod security
New mind maps are currently in development:
By clicking read more, you'll be able to go through the checklist as text, or download the mind map as a PDF (2MB).
Read more: Secure, Safe, Fast Linux Hosting v1.6.0
I created this mind map a while ago, and found it while going through my Dropbox folders. Linux server Monitoring, “You can't correct something you can't measure”, is at version v1.0.0.
In this mind map you'll find what to monitor, how, and the most useful commands to detect what is happening on your Linux server.
Why a mind map?
A mind map is a diagram used to visually outline information. Mind maps help you take notes, brainstorm complex problems, and think creatively.
Read more: Linux server Monitoring mind map
© 1999-2012 Waltercedric.com. Designed by Cédric Walter.