Questions tagged [attack-prevention]

Prevention of a specific attack vector (e.g. XSS, HPP, CSRF)

In OWASP nomenclature, this would be Breakers.

557 questions
180 votes, 12 answers

How is an ATM secure?

I'm curious why an ATM computer is considered secure. The general adage of "If an attacker has physical access to my machine, all bets are off," seems to not apply in this circumstance (since everyone has physical access to the machine). Why is…
asteri
165 votes, 3 answers

What are rainbow tables and how are they used?

Where can I find one? Is there a pot of gold at the end? How do I protect against them? From the Area51 proposal. This question was IT Security Question of the Week. Read the Sep 09, 2011 blog entry for more details or submit your own Question of…
AviD
162 votes, 2 answers

What is DROWN and how does it work?

There is a new recent attack "on TLS" named "DROWN". I understand that it appears to use bad SSLv2 requests to recover static (certificate) keys. My question is: How? How can you recover static encryption or signature keys using SSLv2? Bonus…
SEJPM
154 votes, 14 answers

Why is the OS obfuscation defense against "It's a Unix system!" not widely implemented?

The Jurassic Park scene referenced in the title is infamous for how ludicrous it sounds to those who are tech literate. But it also illustrates what seems to me to be a glaringly huge hole in web security, particularly IoT devices--as soon as…
Indigenuity
125 votes, 4 answers

How does ransomware get on people's computers?

I've noticed increased frequency of ransomware questions around Stack Exchange. Some of the people I remotely know had their devices recently infected as well. I'm starting to be concerned. When people ask me how to avoid viruses, I typically tell…
113 votes, 9 answers

Should I change the default SSH port on linux servers?

Is there any advantage in changing the SSH port? I've seen people do that, but I can't seem to find the reason why. If you have a strong password and/or a certificate, is it useful for anything? Edit: I should also mention that I am using iptables…
sharp12345
110 votes, 13 answers

Why do sites implement locking after three failed password attempts?

I know the reasoning behind not letting infinite password attempts - brute-force attempts are not a meatspace weakness, but a problem with computer security - but where did they get the number three from? Isn't denial of service a concern when…
Bradley Kreider
79 votes, 5 answers

What techniques do advanced firewalls use to protect against DoS/DDoS?

It is hard to protect a server against Denial of Service attacks, DoS/DDoS. The two simple ways I can think of are to use a server with many resources (e.g. CPU and memory), and to build the server application to scale up very well. Other protection…
Jonas
58 votes, 9 answers

What can a company do against insiders going rogue and negatively affecting essential infrastructure?

In 2013, a Citibank employee had a bad performance review that ticked him off. The results were devastating: Specifically, at approximately 6:03 p.m. that evening, Brown knowingly transmitted a code and command to 10 core Citibank Global Control…
Nzall
57 votes, 9 answers

Can malware be attached to an image?

I have a small number of employees who use a company computer but these people aren't very tech-savvy. They use an email client and a messaging client. I'm pretty sure they wouldn't click on a .exe or .zip file in an email without thinking, and I…
user2143356
51 votes, 4 answers

Is it good practice to ban an IP address if too many login attempts are made from it?

Since an IP address does not necessarily represent a specific device, but probably a whole network/company/etc., does it at all make sense to block an IP address if there is a significant number of false login tries from it? I was planning to…
Levite
45 votes, 2 answers

Risks of a PHP image upload form

My client wants a photography site where users can upload their photos in response to photography competitions. Though technically this isn't a problem, I want to know the risks associated with allowing any user to upload any image onto my server.…
Starkers
45 votes, 6 answers

Is there a difference between GET and POST for web application security?

I have 2 choices in sending data between 2 web applications. I encode the data in Base64 and append to the URL and retrieve these parameters at my destination application and decode the parameters. For eg.,…
Vikas V
43 votes, 5 answers

Security implication of telling the user they can't login because of too many attempts from IP

On Code Review stack exchange, in response to code that informs the user when their login attempt failed because of too many login attempts from an IP, I was told "Absolutely do not message end user telling them why login failed. You are giving a…
Goose
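
The three login-throttling questions above (locking after three failed attempts, banning an IP with too many failures, and what to tell the user about a throttled login) share one design space. The following is an added example written for this page, not code from any of those questions or their answers: a Python login guard with per-account exponential backoff instead of a hard three-strikes lock (so a stranger cannot lock a victim out for long), a per-IP sliding window with a deliberately high threshold (because one address may front a whole NAT or proxy), and a single generic failure message, with the real reason kept in a server-side audit list. The thresholds, the in-memory store, the fixed salt, the lowered PBKDF2 iteration count and the `LoginGuard`/`simulate` names are all assumptions for illustration, not any site's real policy or any library's API.

```python
"""Login throttling: per-account exponential backoff, a per-IP sliding window,
and one generic failure message.  Constructed illustration for this page; the
thresholds, the in-memory store, the fixed salt and the names below are
assumptions, not any site's real policy or any library's API."""
import hashlib
import hmac
import time
from collections import defaultdict, deque

# Assumed policy knobs.
ACCOUNT_FREE_ATTEMPTS = 3           # failures tolerated before backoff starts
ACCOUNT_MAX_BACKOFF_SECONDS = 900   # cap, so a stranger cannot lock a victim out for long
IP_WINDOW_SECONDS = 60
IP_MAX_FAILURES_PER_WINDOW = 50     # high on purpose: one address may front a whole NAT
GENERIC_FAILURE = "Invalid username or password."


def _hash(password: str, salt: bytes) -> bytes:
    # Iteration count lowered for a quick demo; production uses far more, or Argon2.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 20_000)


_SALT = b"constructed-fixed-salt"                   # real systems use a per-user salt
USERS = {"alice": _hash("correct horse", _SALT)}    # constructed user store
_DUMMY = _hash("", _SALT)                           # compared against for unknown users


class LoginGuard:
    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.account_failures = defaultdict(int)     # username -> consecutive failures
        self.account_blocked_until = defaultdict(float)
        self.ip_failures = defaultdict(deque)        # ip -> timestamps of recent failures
        self.audit = []                              # (user, ip, reason): server-side only

    def _backoff(self, failures: int) -> float:
        extra = failures - ACCOUNT_FREE_ATTEMPTS
        return 0.0 if extra <= 0 else min(2.0 ** extra, ACCOUNT_MAX_BACKOFF_SECONDS)

    def _ip_over_limit(self, ip: str, now: float) -> bool:
        window = self.ip_failures[ip]
        while window and now - window[0] > IP_WINDOW_SECONDS:
            window.popleft()                         # drop failures outside the window
        return len(window) >= IP_MAX_FAILURES_PER_WINDOW

    def attempt(self, username: str, password: str, ip: str):
        """Returns (success, message); the message is identical for every failure."""
        now = self.clock()
        if now < self.account_blocked_until[username]:
            self.audit.append((username, ip, "account-backoff"))
            return False, GENERIC_FAILURE
        if self._ip_over_limit(ip, now):
            self.audit.append((username, ip, "ip-throttled"))
            return False, GENERIC_FAILURE
        # Always hash and always compare in constant time, even for unknown users,
        # so response time does not reveal whether the username exists.
        candidate = _hash(password, _SALT)
        ok = hmac.compare_digest(candidate, USERS.get(username, _DUMMY)) and username in USERS
        if ok:
            self.account_failures[username] = 0
            self.audit.append((username, ip, "success"))
            return True, "ok"
        self.account_failures[username] += 1
        self.ip_failures[ip].append(now)
        delay = self._backoff(self.account_failures[username])
        self.account_blocked_until[username] = now + delay
        self.audit.append((username, ip, f"bad-password; backoff={delay:.0f}s"))
        return False, GENERIC_FAILURE


def simulate() -> dict:
    """Walk the policy with a controllable clock and return what was observed."""
    t = [1000.0]
    guard = LoginGuard(clock=lambda: t[0])
    attacker_ip, home_ip = "203.0.113.7", "198.51.100.2"   # constructed addresses
    seen = {}
    # Five wrong guesses: the 4th starts a 2 s backoff, the 5th is refused without a check.
    seen["guesses"] = [guard.attempt("alice", "wrong", attacker_ip)[0] for _ in range(5)]
    seen["fifth_reason"] = guard.audit[-1][2]
    t[0] += 3
    seen["owner_after_backoff"] = guard.attempt("alice", "correct horse", home_ip)[0]
    # Spray from one address: guesses against many names fill its window.
    for i in range(IP_MAX_FAILURES_PER_WINDOW):
        guard.attempt(f"nobody{i}", "x", attacker_ip)
    seen["owner_via_hot_ip"] = guard.attempt("alice", "correct horse", attacker_ip)
    seen["owner_via_home_ip"] = guard.attempt("alice", "correct horse", home_ip)[0]
    t[0] += IP_WINDOW_SECONDS + 1
    seen["hot_ip_after_window"] = guard.attempt("alice", "correct horse", attacker_ip)[0]
    return seen


if __name__ == "__main__":
    for key, value in simulate().items():
        print(f"{key}: {value}")
```

Two design choices worth noting: the throttle checks run before any password hashing, so a blocked request costs nothing and cannot be used to probe the account, and the client sees the same `GENERIC_FAILURE` string whether the cause was a wrong password, an account in backoff or a hot IP; the distinguishing reason goes only into the audit list for the operator.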
40 votes, 9 answers

Is it bad to have cameras using a static IP address?

I am about to move into a new house, and I would like to install some security cameras. The contractor told me that in order for me to check the videos recorded by the cameras in real time when I am away I'll need to have a static IP address. Are…
Ant