A Word About Secure Database Access
Unfortunately, this database access code exhibits insecurities of its own. For example, you should never use the sa account (or an equivalent) to access databases from Web applications. Instead, use weak accounts that lack permission to drop tables, insert, update, and delete records, and the like. In addition, you should use stored procedures or parameterized commands in lieu of dynamic SQL commands for added protection against malicious input parameters. Finally, consider encrypting database connection strings to minimize the risk of information disclosure if your source code falls into the wrong hands. And note that truly paranoid ASP.NET programmers encrypt connection strings and store them in ACLed registry keys. When it comes to Web security, a little paranoia can be a good thing.
Read the rest of this entry »

• 0 Comments

Telecommunications security (of voice, data, and/or video communications) is the prevention of any type of intrusion to (that is, either unauthorized or malicious access to or use of) your company’s telecommunications equipment by some party. Your company’s “telecommunications equipment” includes both this Avaya product and any other voice/data/video equipment that could be accessed via this Avaya product (that is, “networked equipment”).
Read the rest of this entry »

• 0 Comments

Web 2.0 – user-generated content, rich user interfaces and co-operative, dynamic services – has also brought with it a new and extremely virulent breed of ‘Malware 2.0’. A key motivation for this study is the link between Web 2.0 and the increase in ‘drive-by’ malware infections requiring no intervention or awareness on the part of the user. To give some idea of the threat posed, a Scansafe report analysing malware trends reports that risks from compromised websites increased 407% in the year to May 2008.
Read the rest of this entry »

• 0 Comments

What on earth is Web 2.0? Web 2.0 carries a high profile and surrounding hype. Developers must surely be feeling the heat to quickly adopt the new second generation of dynamic, interactive and simple by design technologies.

Web 2.0 is the term pioneered by O’Reilly for new generation Web applications.Live.com, start.com, Google maps, Google Docs, YouTube, Flickr, and MySpace are few examples. Adaptation of this technology vector has changed the web application development approach and methodology significantly.AJAX (Asynchronous JavaScript), RIA(Rich Internet Applications) and Web Services form the core components of Web 2.0applications.
Read the rest of this entry »

• 0 Comments

Prior to 2001, web sites were relatively static, designed to push information to users in a manner that was not interactive. But proving that adversity can be the path to enlightenment, following the dot-com crash in late 2001 a new, stronger Web emerged. And unlike its predecessor, the new Web lived up to its name – sites became sticky hubs of interactive content, constantly changing and morphing based on the wants and needs of its visitors. Today, the technology that enables Web 2.0 is merely the vehicle, the transport mechanism from point A to point B. It is the user – those members of the particular web community – who ultimately drives the destination.
Read the rest of this entry »

• 0 Comments

This paper details various security concerns and risks associated with web 2.0 technologies such as Asynchronous Java script and XML (AJAX), Syndication, aggregation and notification of data in RSS or Atom feeds, mashups created by merging content from different sources. This paper also describes the security implications leading with the usage of web 2.0 technologies such as AJAX, RSS, and Mashups. Increase in application functionality leading to the emerging new web technologies (web 2.0). These new web technologies open more avenues to security threats to the online applications and users. Efficient protection mechanisms should be considered when dealing with web 2.0 technologies usage.
Read the rest of this entry »

• 0 Comments

Whether we like it or not, Web 2.0 technologies are profoundly changing the way we work and interact. User-generated Web content—hosted applications, blogs, wikis, social networking sites, RSS feeds—is rapidly creeping into organizations, offering users new ways to collaborate and communicate.
Read the rest of this entry »

• 0 Comments

A computer virus is a parasitic program written intentionally to alter the way your computer operates without your permission or knowledge. A virus attaches copies of itself to other files and, when activated, may damage files, cause erratic system behavior, or display messages.
Read the rest of this entry »

• 0 Comments