Network Security

SSH Security Improvement

24 Jun , 2013  

Secure Shell (SSH) is a very handy network protocol which a network/system administrator might use all the time. SSH provides us with the capabilities of data communication, remote login and remote command execution. As a network/system administrator we might be faced with the responsibilities of managing a large amount of server computers. Imagine the pains we would suffer if we have to keep moving around and connecting monitor and keyboard (if we have more computers than monitors) from one computer to another every time we have to manage them. To make our life easier, we can use the SSH protocol with the concept of client server between computers connected on the same network. We just need to run SSH server service on the server side and use our SSH client to do our job from our workstation. More…

, , , ,

Network Security

Vulnerable Web Application for Hacking

6 Jun , 2013  

Are you a newbie in hacking world? Want to practice your hacking skills? The biggest problem I’ve faced every time I want to learn about hacking other than it’s not easy to learn the tools is I have a difficult time trying to find a victim for my practice sessions. Surely I can’t try to hack any sites I found on google since it will be against the law. Should I try to make a custom web application for this? Nah, it’s too time consuming and I’m not sure everything will work. Luckily, somehow I found myself in a web page which contain a link to a web application based on PHP and MySQL called mutillidae. More…

, , , , , , , , , ,

Network Security

SQL Injection

5 Jun , 2013  

Have you ever heard of the term SQL injection? According to Wikipedia, SQL injection is a code injection technique that exploits a security vulnerability in an application ‘s software. Simply said, SQL injection is a method which you can use to gain database access of a web application. More…

, , ,

Network Security

High Interaction Honeypot Analysis Toolkit

19 Apr , 2013  

High Interaction Honeypot Analysis Toolkit (HIHAT) is a software with the capability of turning any PHP application such as phpmyadmin or phpnuke into a high interaction honeypot. HIHAT works by adding it’s own PHP code into all existing PHP pages/scripts of the application. These generate code were meant to provide logging of every connection attempt to the PHP pages by storing connection detail in MySQL database.¬†HIHAT can handle many types of web security attacks such as SQL injection, Remote File Inclusion (RFI), and Cross Site Scripting (XSS). More…

, , , , , , , ,