Security FAQ: The Complete Documentation

  • This category contains 9 Papers
  • The last paper was added on 2007-03-26 (YYYY-MM-DD)

CGI/Perl Taint Mode FAQ

Published on June 03, 1998, by Gunther Birznieks, ©Gunther Birznieks.

Freeware CGI Scripts are available for download all over the Web. But how many of them are really secure? When you download a script do you check all the logic to make sure it is secure? Do you read through each line of code and anticipate all the ramifications? Most of the time the answer is "no". After all, the whole point of downloading software is to get it and run it for free WITHOUT having to do a lot of work.

comp.os.linux.security FAQ

Published on June 29, 2002, by Daniel Swan, comp.os.linux.security.

This FAQ is intended to serve as a starting point for those new to the newsgroup, but is also intended to be a survey of Linux® security issues and tools. This FAQ is aimed at intermediate to experienced Linux® users and is intended to not only answer specific questions, but to also facilitate further learning by providing pointers to other useful security resources.

Cross Site Scripting FAQ (The)

Published on 2002, by Zenomorph, ©cgisecurity.com.

Port 80 is the standard port for websites, and it can have a lot of different security issues. These holes can allow an attacker to gain either administrative access to the web site, or even the web server itself. This paper looks at some of the signatures that are used in these attacks, and what to look for in your logs.

Diceware Passphrase FAQ

Published on July 27, 2003, by Arnold G. Reinhold, ©Arnold G. Reinhold.

Diceware is a technique that uses dice to produce random text for passphrases and other uses. The Diceware method provides an easy way to create strong passphrases that are easy to remember, for example: alger klm curry blond puck.

Passphrase FAQ

Published on October 02, 1993, by Grady Ward, ©Grady Ward.

With the intrinsic strength of some of the modern encryption, authentication, and message digest algorithms such as RSA, MD5, SHS and IDEA, the user password or phrase is becoming more and more the focus of vulnerability.

Passphrase FAQ (The)

Published on March 23, 1997, by Randall T. Williams, ©Randall T. Williams.

This is The Passphrase FAQ for PGP. I tried to include everything I've seen asked on alt.security.pgp along with some extras to cover other things like passwords and different key lengths. Most people who have had college algebra or higher should be able to follow the math. Check the glossary in section 8.2 to help with some of the terms and how they are used.

Secure UNIX Programming FAQ

Published on May 16, 1999, by Thamer Al-Herbish and Peter Roozemaal, ©Thamer Al-Herbish and Peter Roozemaal.

This FAQ answers questions about secure programming in the UNIX® environment. It is a guide for programmers and not administrators. Keep this in mind because I do not tackle any administrative issues. Try to read it as a guide if possible. I'm sorry it sounds like a bad day on jeopardy.

Security-Audit’s Frequently Asked Questions

Published on 1999-07-19, by Jeff Graham, ©Jeff Graham.

This is a collection of common questions posted to the security-audit mailing list once a month. It is intended to reduce the traffic to this list by providing quick answers to common questions.

World Wide Web Security FAQ (The)

Published on 2002-02-04, by Lincoln D. Stein and John N. Stewart, ©World Wide Web Consortium.

The risks are most severe from the Webmaster’s perspective. The moment you install a Web server at your site, you’ve opened a window into your local network that the entire Internet can peer through. Most visitors are content to window shop, but a few will try to peek at things you don’t intend for public consumption. Others, not content with looking without touching, will attempt to force the window open and crawl in. The results can range from the merely embarrassing, for instance the discovery one morning that your site’s home page has been replaced by an obscene parody, to the damaging, for example the theft of your entire database of customer information.

It’s a maxim in system security circles that buggy software opens up security holes. It’s a maxim in software development circles that large, complex programs contain bugs. Unfortunately, Web servers are large, complex programs that can (and in some cases have been proven to) contain security holes. Furthermore, the open architecture of Web servers allows arbitrary CGI scripts to be executed on the server’s side of the connection in response to remote requests. Any CGI script installed at your site may contain bugs, and every such bug is a potential security hole.

Created: 2010-03-16 03:06 | Modified: 2009-01-10 02:17 | Size: 23466 octets
