Anybody that will be coding publicly-accessible SQL-based web applications needs to be aware of the threat from SQL Injection attacks. SQL injection attacks are attempts made by a malicious user to gain access to the SQL back-end database and can occur from, for example, a PHP front-end. One way for the attack to work is to input unexpected data. If it is formatted in a way … [Read more...]
AntiVirus 2009 Info
AntiVirus XP 2009 seems to be the latest surge of frequently encountered trojan viruses. You may stumble onto it on the web where it looks very real to the end user like the My Computer window with a scan occuring over top. There is a sequence of pop-ups that will all try to get you to download the file antivirus.v.1.exe. I've seen Google search results redirect to these … [Read more...]
Windows SteadyState – Locking down public terminals
Microsoft offers a program somewhat similar to Faronics' Deep Freeze application. Microsoft's Windows SteadyState, however, is free for download after authenticating with Windows Genuine Advantage. Both of these programs essentially provide a way for system administrators to secure, manage, and reset machines to the exact state they were in before a user sat down to it. Setup … [Read more...]
Mediawiki Evaluation Results
Continuing my search for a decent KB, I'm concluding my evaluation of MediaWiki. This name might be familiar to you because it is the wiki engine running Wikipedia and sister projects. I first began looking into MediaWiki despite my giving up on wikis as a whole because I had decided that the overall format and objective of wikis didn't line up with how I perceived my knowledge … [Read more...]
Microsoft Baseline Security Analyzer
Microsoft offers a tool to check the Windows machines you administer from common security oversights and holes. You can run a quick scan on your machine, a specific remote machine, an IP range, or even a domain to find out how your machines add up. The results that you get from running this scan can tell you the general health of your machine and how it's behaving in … [Read more...]