Sunday, February 21. 2010
Friday, February 19. 2010
Wednesday, January 6. 2010
-
This utility, isolate, runs processes in a chroot-ed environment, with constrained resource limits, as a random UID, and with limited access to the X server.
Saturday, December 26. 2009
Friday, December 11. 2009
Saturday, November 28. 2009
Monday, November 23. 2009
Sunday, November 22. 2009
-
Logging in to your own server from an Internet cafe is not without risk, because a keylogger that may be installed there can record the password for later misuse. One-time passwords thwart such spying attempts and allow access to your own systems despite the insecure environment. Only a few steps are required.
-
With open-source tools and a few simple steps, a system detects suspicious login attempts and blocks them.
Thursday, November 5. 2009
-
-
-
A customer asked that we check out his intranet site, which was used by the company's employees and customers. This was part of a larger security review, and though we'd not actually used SQL injection to penetrate a network before, we were pretty familiar with the general concepts. We were completely successful in this engagement, and wanted to recount the steps taken as an illustration.
-
A SQL injection attack consists of insertion or "injection" of a SQL query via the input data from the client to the application. A successful SQL injection exploit can read sensitive data from the database, modify database data (Insert/Update/Delete), execute administration operations on the database (such as shutting down the DBMS), recover the content of a given file present on the DBMS file system and in some cases issue commands to the operating system. SQL injection attacks are a type of injection attack, in which SQL commands are injected into data-plane input in order to effect the execution of predefined SQL commands.
-
SQL injection refers to the injection of one's own commands into a SQL database. If a web application does not sufficiently validate user input, any database on any operating system is thereby vulnerable.
-
How to exploit the SQL Injection Attack
-
-
Cross-Site Scripting (XSS) is a common flaw found in today's web applications. XSS flaws can cause serious damage to a web application. Detecting XSS vulnerabilities early in the development process will help protect a web application from unnecessary flaws. XSS-Me is the Exploit-Me tool used to test for reflected XSS vulnerabilities.
-
This paper shows how easy it is to penetrate the average website and gain information about the underlying database structures inside a network firewall.
-
This article discusses techniques to detect SQL Injection and Cross Site Scripting (CSS) attacks against your networks.
-
We will look at several scenarios under which SQL injection may occur, even though mysql_real_escape_string() has been used. There are two major steps in writing SQL-injection-resistant code: correct validation and escaping of input and proper use of the SQL syntax.
Wednesday, October 28. 2009
Saturday, October 10. 2009