Jack is Here

asp.net Home interview questions java training dhtml javascript tutorial C# and .NET asp.net Software Software Programming html tutorial dreamweaver tutorial SEO-Webmaster Team Management Internet Related java tutorial css tutorial xml tutorial Others ajax tutorial Mobile asp.net tutorial Business Database Related

Six Steps to a More Secure Linux Server

11/24/2009

I've worked as a remote Linux System Administrator for quite a while, and one thing that I've noticed is that many "administrators" out there don't know how to configure or secure a server properly. This article is a quick reference on some of the more important (and easy) security or configuration tweaks that any administrator should do for their server. These six steps can dramatically increase the security and stability of any Linux server. The best part about these tips, is that they are all quick and easy to do as well, with each step taking less than 15 minutes!

1.) Security Updates Not Installed
Almost every server that I work is not the newest (and surest) software. Yes, Linux is a great operating system software, but has all the security problems. Enable the installation of automatic updates using a cron script, or is similar to the simplest and easy way to make sure that your server is not compromised. There really is no excuse to not have the latest security updates to install

2.) Disable root login via SSH, and password authentication
Admittedly, I've been guilty of this myself sometimes. Let's face it, everyone likes being able to quickly and easily log into their servers, and change settings. However, if you're using password authentication, what's to keep someone else from logging into your server? In addition, you should not use password authentication on your Linux server, to prevent others from logging into your Linux server. Instead, enable RSA signed authorization keys. This is more secure, since an attacker will not be able to guess or brute force a login session with your server.

3.) Disable or filter extra services
This is the second biggest problem is that I look over the new customers with servers. Often the system administrator to build their Linux server does not automatically imply a necessary final step filter incoming connections that are not necessary. I've seen it all run from the day service, MySQL is waiting for connections on a remote IP. If a Linux administrator is not familiar with iptables, there are several tutorials that someone will show you how even a simple firewall ruleset. Moreover, disabling unnecessary services is a fundamental step to optimize the server as well, why extra services that run to tie resources if they are not needed?

4.) Test accounts or guest accounts still active
Another glaring security hole (and often used is one) that a customer will not have to be test-user is run (often with very simple passwords, such as test) if a software solution for a production server is deployed. I do not need the security implications of this single-make sure that getting rid of you, the guest or trial accounts!

5.) Advertising banners left on
We all like advertising, is not it? However, the advertising world, for the version of Apache or Sendmail, you run on your Linux server is the three-year-old, is not to be concerned about, it is necessary. Disable the server as long as the banner will help to hide the script from a fundamental reliance on attacking your server. Moreover, why is bad to help determine the software server is running?

6.) PHP errors or application errors
I'm pretty confident that we have all seen an error or two displayed on a website. Some errors that are displayed are not a security issue at all, for instance Javascript errors. However, some errors are security issues (PHP is particularly bad with this), because they disclose sensitive information. The easiest way around this is to disable displaying errors in PHP (or your web applications). Otherwise, an attacker may be given information about your website's database details, or file locations.



These issues are the top 6 security issues that I see on a daily basis in my work. You can all check your server or servers for these quick issues (these tips take almost no time at all), and dramatically increase the security of your server. However, if you have any problems implementing these security steps, please feel free to contact me.

Posted in: javascript tutorial| Tags: Software Security linux system password administrator while server secure authentication

The Power of JavaScript in Web Design

11/11/2009

If you've been surfing the net for a while, you must likely have encountered websites created using JavaScript.

JavaScript is a programming language for developing client-side run in the dynamic Web site. This means that the language will not be performed on the server, but will run on your web pages a user's browser. It is usually used to manage online advertising, formal verification, and identity card checks in the browser. This does not conflict, such as PHP or ASP in other languages when you design a website.
Features

This language has been in use for several years now to produce websites with nice effects. Here are some highlights of what it can do:

? Integrated support for the browser - you do not have to install any plug-ins to view the site uses JavaScript programming. In most Web browsers support the language. You only need the browser handles certain specific functions, so that it will run properly

? Run-time change in the structure of Web pages can be found on the term be changed because it has access to the Document Object Model. It can also be used at the server side for the script changes in order to manage Web content to better

? Function - JavaScript functions and variables can be assigned as each function can return. Far as to name the function of this language, programming is not worried about all the work

? Object Oriented- this language is easy to learn and handles most programming objects with no conflict

Benefits of the Language

The JavaScript sites are typically designed to test for the validation of submissions by users via an online form. Suppose you have forgotten an order form on your website and a client, please fill out the fields for the home address and zip code, the browser is asked to provide her the necessary information before proceeding. This saves time instead of the process from the server, tested a variety of processed data. ASP and PHP programming can solve the problem, but in a more time consuming way for clients.

This programming language is also used to design dynamic web pages can present graphics data structure. This is also from the user through the web browser.

Other features like links and images can be manipulated using this scripting language. Other special effects for navigation can also be added to your website.

Sample Sites and Sample Script

http://www.brainjar.com/dhtml/menubar/ - JavaScript has been used in combination with HTML. When the menu bar, point the mouse will be highlighted. Here, each content is highlighted and that the drop-down menu

http://www.dynamicdrive.com/dynamicindex3/dynamicsplash.htm - this is a great effect where information about your website or anything under the sun can be displayed on a splash screen.

http://www.dynamicdrive.com/dynamicindex2/crosstick.htm - this allows you to tell web surfers that there are changes in your websites. The display will be text scrolling upward.

http://www.bosrup.com/web/overlib/ -a box will pop up when a user points her mouse to an item. It can be instruction, description, or reminders that you want to tell them.

JavaScript can be a great tool for designing exciting and functional websites. Just make sure you maximize the features of this language, so that you can improve the efficiency and attractiveness of your web pages.

Posted in: dhtml| Tags: NET Programming Javascript language web design power site while run
while | while List View

Hot Posts

Latest posts

Tags

Others

Sponsors

asp.net interview questions


© 2009 Jack is Here | Contact: jack.niu[at]live.com