security
Get flash to fully experience Pearltrees
networking
cryptography
password
voip
Advanced OS X: Surf a Secure Tunnel via SSH
So there you are in your cubicle at work utilizing your employer’s expensive internet connection for everything except something that can actually justify your pay check. This is a good enough time to do some power ebaying, youtubing, or hell even some chatty chat with that sexy new bit on the side. It doesn’t get any better than this right? To actually get paid to surf the internet whilst firing off a reply to the occasional email, to keep up the guise of you actually being alert and attentive to the various happenings at work. Imagine if your poor sap of a boss actually knew what you were up to! Guess what, chances are he does.
Setting Up SSL on Tomcat In 3 Easy Steps
Setting up SSL on Tomcat is easy and you don’t have to do much for converting your web application to work with the Https protocol. But however, the problem you would find to set up SSL is the documentation available over the web. The documentation source is available on the Apache site but it starts off good and ends with a lot of confusion.Although the JSSE guide provides detailed information on the JSSE API and its use in application programming, this article dives deeper into the different message exchanges involved when a programmatic Java client communicates with a server over the SSL. It will help developers understand the fundamental but often overlooked JSSE concepts of keystore, truststore, cipher suites, certificates, and the public key infrastructure and help them solve some of the common programmatic and configuration issues that arise when developing Java clients that communicate over SSL. It enhances the JSSE guide documentation by walking the reader through a debug output and explaining each message exchange between a client and the server in detail.
Understanding JSSE
[the new p0f]
Copyright (C) 2012 by Michal Zalewski < lcamtuf@coredump.cx > Yeah, it's back! 1. What's this? P0f is a tool that utilizes an array of sophisticated, purely passive traffic fingerprinting mechanisms to identify the players behind any incidental TCP/IP communications (often as little as a single normal SYN) without interfering in any way.
Related Links Network Inventory Software - automatically scans all computers on your network and builds reports with details about installed software and hardware, OS and hotfixes, important alerts and other information CurrPorts - Monitoring Opened TCP/IP ports / connections on your network. SocketSniff - Windows Sockets (WinSock) Sniffer See Also
SmartSniff: Freeware Packet Sniffer - Capture TCP/IP packets on
Greg Murray's Blog: Preventing Cross Site Scripting Attacks
Posted by gmurray71 on September 27, 2006 at 12:01 PM PDT Cross site scripting (XSS) is basically using JavaScript to execute JavaScript from an unwanted domain in a page. Such scripts could expose any data in a page that is accessible by JavaScript including, cookies, form data, or content to a 3rd party. Here is how you can prevent your web pages from being exploited on both the client and the server. This is followed with tips on how to avoid vulnerable sites.