EH-Net
March 20, 2010, 09:12:56 AM *
  Show Posts
1  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: cookie problem on: November 14, 2008, 03:43:18 AM
Thanx a lot 4 the response. One more scenario I have 4 which I need a solution. It goes as below:

I have a login page of my application. The action associated with the login page is to call an authentication check script which checks the username and password from my database and, if valid, allows login. Now if someone builds the same page on some other domain and specifies the action of that page as my application script being called on my server, this will allow him to access the usernames and passwords and then redirect to the actual page on my server which is shown when the login is correct. Can I check if the login request is being made from my domain or some other? I have the option of seeing the referrer but believe the same can be blocked/played with to launch the attack. I need a solution so that the same can be stopped. Please help.
2  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: cookie problem on: November 12, 2008, 06:50:47 AM
Ok, that's fine. But still have a problem. Take the scenario in this way.

I have an application in which the session cookies are stored. The application is a commercial application and login is allowed only over a single machine. But I have cookies built for my application in such a way that a person in the same network can use the cookies and login over another machine. Now if I insert the logic of IP address in my cookie, means if I start accessing the IP from which the request was made, I cannot do so as ISPs and the client machine IP may change dynamically very frequently. So I need to know if I could insert any logic to build my cookies so that I have such information of the client that he cannot be impersonated by anybody else or the same login could be used on some other machine. Hope I have been able to explain the problem.
3  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / cookie problem on: November 08, 2008, 03:44:26 AM
Hi all

Have a problem to discuss. I have RAM cookies enabled instead of hard disk cookies for my application. Now while auditing my application, I opened the login page on a machine and logged in with the required credentials. Then I copied the RAM cookies from the browser into the browser running on the other machine, say machine2. Then I fetched the URL from the previous machine (which was the URL which I got after logging in) and ran it on the machine2 browser. I got logged in. Believe though I used the RAM cookies and copied them, but still need some way or idea to implement in my application so that even if someone could have my RAM cookies for the running session, he should not be able to login.

What logic/intelligence should I insert in my application?
4  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: DOS logs on: July 08, 2008, 02:42:37 AM
Hi
Thanx a lot for ur response. Have played with the hping tool but couldn't replicate the same. Can u plz provide the arguments to be given to hping to replicate the same? Plz help.

Thanx a ton.
5  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: DOS logs on: July 02, 2008, 11:57:09 PM
Can anyone help regarding the same? Can see the view hits increasing but nothing as a reply. Plz help.
6  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / DOS logs on: June 26, 2008, 07:39:03 AM
Hi, I have been receiving the following on running dmesg on one of my Linux servers. Seems to be a sort of DOS attack. I need to reproduce it. But unable to get the tool which can do the same. Can anybody out there help me?

TCP: Treason uncloaked! Peer 195.166.241.58:62516/80 shrinks window 1125437396:1125437397. Repaired.
TCP: Treason uncloaked! Peer 195.166.241.58:62516/80 shrinks window 1125437396:1125437397. Repaired.
TCP: Treason uncloaked! Peer 195.166.241.58:62516/80 shrinks window 1125437396:1125437397. Repaired.
TCP: Treason uncloaked! Peer 210.212.88.48:2339/80 shrinks window 1732317231:1732317232. Repaired.
TCP: Treason uncloaked! Peer 88.202.127.229:51950/80 shrinks window 3906350758:3906350759. Repaired.
TCP: Treason uncloaked! Peer 203.199.30.15:53364/80 shrinks window 3067016690:3067019450. Repaired.
7  Ethical Hacking Discussions and Related Certifications / Other / regardin XSS on: August 09, 2007, 11:53:17 PM
What I do need to know is how encoding specification in HTML coding helps in preventing these attacks. Means I have been reading articles on the same and they say that specifying the character encoding helps prevent XSS since it helps in determining special characters. Now I am not getting this. Plz explain how that happens and how charset encoding specification helps prevent XSS.
8  Ethical Hacking Discussions and Related Certifications / Other / Re: XSS on: August 07, 2007, 12:04:44 AM
Hi
Thanx a lot 4 ur assistance. It isn't producing any pop-up box.

What I do need to know is how encoding specification in HTML coding helps in preventing these attacks. Means I have been reading articles on the same and they say that specifying the character encoding helps prevent XSS since it helps in determining special characters. Now I am not getting this. Plz explain how that happens and how charset encoding specification helps prevent XSS.
9  Ethical Hacking Discussions and Related Certifications / Other / Re: XSS on: August 02, 2007, 06:36:38 AM
Hi
I do have to prevent XSS but I don't have the idea what exactly character set encoding has to do with this. If I do filter some special characters, then I believe that would be a solution for XSS. But then where does this encoding specification come into play and what exactly does it mean? Moreover, if I filter the special characters by converting them to their hex equivalents then I believe XSS could even be launched from hex equivalents. Plz provide me good information explaining the whole business. This is getting confusing. I read the article at
http://www.cert.org/tech_tips/malicious_code_mitigation.html
but it seems to be confusing regarding charset encoding and all that. Plz help.
10  Ethical Hacking Discussions and Related Certifications / Other / XSS on: July 26, 2007, 04:49:41 AM
Hi all
I am receiving the following in my access logs if I do run a scanner, indicating that XSS test has been successful.

%A7%A2%BE%BC
%F3%E3%F2%E9%F0%F4%BE%E1%EC%E5%F2%F4%A8%A7XSS%20Test%20Successful%A7%A9%
BC%AF%F3%E3%F2%E9%F0%F4%BE

I could not get the conversion of it although I have consulted many conversion tables. Normally for XSS to be successful we have to use either "script" or "<" or ">" and many more. But I am not getting the conversion of the above to these characters. So I need to know to what exactly this is getting converted and how it has resulted in XSS.
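An added example, not part of the original post: clearing the top bit of every byte in the logged string above yields readable ASCII, which is why no literal "<", ">" or quote shows up in the access log. The function names are this example's own, and the flagging check is one possible log-review heuristic, not a complete XSS filter.

```python
from urllib.parse import unquote_to_bytes

# The logged value from the post above, with its three lines joined.
LOGGED = (
    "%A7%A2%BE%BC"
    "%F3%E3%F2%E9%F0%F4%BE%E1%EC%E5%F2%F4%A8%A7XSS%20Test%20Successful%A7%A9%"
    "BC%AF%F3%E3%F2%E9%F0%F4%BE"
)

MARKUP = "<>\"'"


def strip_high_bit(encoded: str) -> str:
    """Percent-decode, then clear bit 7 of each byte (0xBC -> 0x3C '<')."""
    raw = unquote_to_bytes(encoded)
    return bytes(b & 0x7F for b in raw).decode("ascii")


def high_bit_markup(encoded: str) -> bool:
    """True when markup characters appear only after bit 7 is cleared.

    Such a value passes a filter that looks for literal '<', '>' or quotes,
    yet reads as markup to anything that treats the bytes as 7-bit ASCII.
    """
    plain = unquote_to_bytes(encoded).decode("latin-1")
    folded = strip_high_bit(encoded)
    hidden = any(c in folded for c in MARKUP)
    visible = any(c in plain for c in MARKUP)
    return hidden and not visible


if __name__ == "__main__":
    print(strip_high_bit(LOGGED))
    print("flag for review:", high_bit_markup(LOGGED))
```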
11  Ethical Hacking Discussions and Related Certifications / Other / Re: restricting certain files to be created on: July 20, 2007, 01:35:24 AM
Hi
I have worked with it. But my problem is that if I do make the script then all I can do is look for restricted files and then delete them. While what I require is the safety at the very first end. Mean to say that if I do have to restrict tar files from being created in htdocs then I should have a solution that if any software personnel tries to create a tar of something in htdocs it should not be allowed at that very instant. My htdocs has write permissions for the software department and I do have the situation that I cannot change the permissions. I do have to restrict them somehow. Kindly help me regarding the same once again.
Hoping for a quick and positive response from ur side.
12  Ethical Hacking Discussions and Related Certifications / Other / hiding in linux on: July 03, 2007, 05:31:40 AM
Hi all
I just need to hide a directory in Linux. One option is to rename it as .directory (preceding dot before directory name). But it's still accessible in this method. I need a utility or any method to hide it completely so that no one can access it. Kindly help regarding the same.
Hoping for a quick and positive response from ur side.
13  Ethical Hacking Discussions and Related Certifications / Other / Re: New Security Magazine hakin9 on: June 27, 2007, 12:45:48 AM
Hi
If anyone subscribed to hakin plz provide the issues somehow as I can't afford to buy or subscribe. Wud be highly obliged.

Regards
Love Wadhwa
RedHat Certified Engg.
14  Ethical Hacking Discussions and Related Certifications / Other / Re: restricting certain files to be created on: June 27, 2007, 12:41:57 AM
Hi
Thanx a lot 4 ur response. Wud try to make a script for this.
15  Ethical Hacking Discussions and Related Certifications / Other / restricting certain files to be created on: June 25, 2007, 06:37:31 AM
Hi
I want that my software department should not be able to create files with particular extensions. As for instance, I don't want that they shud be able to create tars in the web root directory. Is there a software 4 that or a solution to it?
Regards
Love Wadhwa
RedHat Certified Engg
© 2010 The Ethical Hacker Network