Felitaur Site
Offerings
|
|
Webscripting Vulnerabilities
[Linux System Administration Homepage]
| Overview |
- Cross Site Scripting (XSS)
- SQL Injection Attacks
- SQL Server And Passwords
Goals:
- Know where your major weaknesses for security exist.
- Use Apache configuration to protect against webscript attacks
- Protect include files
- Have different levels of user access for databases
- Protect passwords by putting outside of document root
- Use filtering (preg, strlen, msyql_escape_string)
-
Files/directories covered:
Commands:
suexec
/etc/httpd/conf/httpd.conf
|
| Questions |
- How can a user protect themselves from these attacks? (ie via browser?)
|
| Activites |
|
|
| References |
Cross Site Scripting XSS
SQL Injection Attacks
- SQL Injection
http://www.codeproject.com/cs/database/SqlInjectionAttacks.asp
http://www.securityfocus.com/infocus/1706
http://www.securityfocus.com/infocus/1694
http://www.securityfocus.com/infocus/1876
http://www.securityfocus.com/infocus/1859
http://www.securityfocus.com/infocus/1818
http://www.securityfocus.com/infocus/1739
http://www.securityfocus.com/infocus/1726
http://www.securityfocus.com/infocus/1593
This page last updated on:
|
|
|
|
