Apache show server status security vulnerability.
Disable modules for mod_status and mod_info and comment out # # SetHandler server-status # Order deny,allow # Deny from all # Allow from .your_domain.com #
Jan D.
"The only real security that a man will have in this world is a reserve of knowledge, experience, and ability."
Enable VNC Authentication
Modify configuration from user = nobody to i.e. root then add -rfbauth and restart xinetd # more vnc # default: off # description: This serves out a VNC connection which starts at a KDM login # prompt. This VNC…
Setting the secure flag in the cookies
Security team identified following flaw – Session Cookie without Secure flag set Original article on TechRepublic TechRepublic had an interesting article about the Surf Jack attack. Many people commented, some giving their own solution to the problem. However many of…
Track / Trace method on web server
Symptomps: serverxyz:~ # telnet 127.15.10.36 80 Trying 127.15.10.36… Connected to 10.17.105.34. Escape character is ‚^]‘. TRACE / HTTP HTTP 200 OK Date: Wed, 22 Aug 2012 12:17:05 GMT Server: Apache (Unix) mod_ssl OpenSSL Connection: close Content-Type: message/http TRACE / HTTP…
Awesome SW
Beyond Compare – comparing text files, configuration files, folders ,etc. DB Forge Data Comare Express – DB data content compare Total Commander – file manager Snipping tool – take a snap of your screen Putty & Xshell – ssh…
Check port/deamon thats running
testserver:~ # netstat -an | grep 512 tcp 0 0 0.0.0.0:512 0.0.0.0:* LISTEN unix 3 [ ] STREAM CONNECTED 802512508 /tmp/ksocket-sshusr/klauncherZNMCS unix 3 [ ] STREAM CONNECTED 802512507 testserver:~ # lsof -i :512 COMMAND PID USER FD TYPE DEVICE SIZE…
Grant, Revoke Oracle user access
Data Control Language (DCL) Statements Data Control Language Statements are used to grant privileges on tables, views, sequences, synonyms, procedures to other users or roles. The DCL statements are GRANT :Use to grant privileges to other users or roles. REVOKE…
Verify Oracle parameters
login as oracle user sqlplus „/ as sysdba“ show parameters NAME TYPE VALUE ———————————— ———– —————————— O7_DICTIONARY_ACCESSIBILITY boolean FALSE _undo_autotune boolean FALSE active_instance_count integer aq_tm_processes integer 0 archive_lag_target integer 0 asm_diskgroups string asm_diskstring string asm_power_limit integer 1 asm_preferred_read_failure_groups string Oracle…
Samsung UE50ES6710 review
unpacked this TV yesterday, started messing around with basic functions and here is my first impression: Design: Awesome Screen/resolution: Awesome Initial Setup: Good, easy to tune channels, just in case you stop in the middle of tuning Satalite…
Customer Focus, Expectations and Loyalty
(GetPages)/fb0e21c03e1a1fbb85257011006e6396 „When you buy a tank from the Red River Army Depot, there’s a 1-800 number in the „glove compartment“ so you know who to call if you have a problem with the vehicle. At Red River, customer calls come…