IP spoofing is the attack used by hackers to steal a user’s IP address. IP spoofing involves spoofing a Transmission Control Protocol (TCP) connection, since IP Addresses are passed within TCP packets. When two hosts want to establish a TCP session, they must synchronize their connection using a TCP mechanism called "3 way handshake". This mechanism is composed of three phases:
I have recently started a course on Database Security and had some difficulties in deciding whether to use MySQL or Oracle as the Database system for lab assignments. I got into the MySQL vs. Oracle debate that has been going on since before the web started. As you might imagine, the reasons to use either database over the other can fill entire books, so I tried to compare them based on their main feature sets.
$base_url = $_SERVER['REQUEST_URI'];
NOTE: The code in the template is minimal for simplicity purposes, you are free to use this template class as a base for developing your own. So our templating class needs to have the following functionalities:
- Load a template file
- Set values to the variables in the template file
- Parse the template file into a php variable to use it within other templates
Well, I have been in a Dilemma about this for a while. After reading several posts on Singular vs Plural Database table names, I finally concluded that both have its advantages and disadvantages, and that everyone has their own opinion on this, and that the most important thing is that your naming conventions are consistent across the database since it would be annoying to remember which table names are plural and which are singular. I can therefore conclude that naming your database tables with Singular or Plural names is up to the developer. However, here are a few things to consider when choosing your naming convention:
A friend of mine logged into her account yesterday after 2 weeks of being off facebook, and was devastated to see that she had shared pornographic images with friends and family; I had a good laugh about it, but she was madd... After seeing an outburst of facebook accounts being hacked, including lots of my friends accounts, i have decided to share some knowledge on things you can do to reduce the risk of your facebook account being hacked. So there are several things you can do to protect your account from being hacked, we will go through each one of them in detail here, and how to implement each one.
Secure Socket Layer
In a perfect world, persons using the internet would be browsing websites without hackers being able to gain access to their information. However, this world is not perfect and internet users are vulnerable to attacks carried out by hackers; On the internet, and data you send can be seen and manipulated by others. The currently used solution for this problem is websites allowing their users to use Secure Connections to browse the internet.
This is a tutorial that demonstrates just how simple it is to get access to facebook accounts without the user's password or username. This tutorial demonstrates Session Hijacking (discussed here: http://www.cleverlogic.net/tutorials/session-hijacking-0). This is a simple attack done on an unsecured wifi network with the permission of all users on the network.
The aims of this tutorial are:
Session Hijacking is an attack by which a hacker exploits a valid computer session and gains access to a client’s session identifier. Since HTTP is a stateless protocol, when a user logs into a website, a session is created on that Web Server for that user, this session contains all this user's information being used by the server so the username and password is not needed at every page request. The server uses a unique identifier(Session Identifier) to authenticate this user to this session, this session identifier is passed between the web server and the user's computer at every request.