Location:
Search - XML attack
Search list
Description: 基础原形来自 Ourplus,修补跨站脚本攻击漏洞
采用PHP+Mysql+Xml开发的网站流量统计分析系统 ,不影响页面下载速度。
本流量统计系统采用了高效的程序算法和精心优化的数据库结构,对网站进行全方位的统计,功能强大,统计直观。-The basis of the prototype from Ourplus, fix cross-site scripting attack using loopholes PHP+ Mysql+ Xml development site traffic statistics analysis system, does not affect the page download speed. Statistical system of the flow of a highly efficient procedure for the use of algorithms and well-optimized database structure, the site a full range of statistics, powerful, intuitive statistics.
Platform: |
Size: 1982464 |
Author: tom |
Hits:
Description: WordPress 2.7 还有更多的细节和功能等你去发现,现在就下载安装,或者升级吧,别忘了,升级前请先备份老系统 WordPress 2.6.5 发布修正了一个可能会引发跨站攻击的 Bug。幸运的是,这个Bug 只影响运行 Apache 2.x 的基于 IP 的虚拟主机。
除此之外,另有以下三处改进:
1、防止日志元信息意外地写入到修订版本之中
2、防止 XML-RPC 获取错误的日志类型
3、在批量删除前对用户 ID 进行检查过滤-WordPress 2.7 There are more details and features, such as you to discover, now download and install, or upgrade it, do not forget to upgrade the old system before the backup WordPress 2.6.5 release fixes a possible trigger cross-site attack Bug. Fortunately, this Bug affects only Apache 2.x running IP-based virtual host. In addition, with the following three improvements: 1, to prevent accidentally log meta-information written to the revised version of 2, to prevent the XML-RPC access to the error log type 3, delete in bulk before the user ID to check the filter
Platform: |
Size: 2063360 |
Author: 李利 |
Hits:
Description: 从本质上说,Snort是网络数据包嗅探器。只要运行Snort时不加载规则,就可以把网络中的数据包显示出来。但是Snort的真正价值在于把数据包经过规则处理的过程。Snort灵活的和强大的语言能对网络中的所有数据包作充分的分析,决定如何处理任何特殊的数据包。Snort可以选择的方式有忽略、记录或告警管理员。Snort有很多种记录或告警的方法,例如,syslog、写入文件、写入XML格式文件、发送WinPopup消息等。当有了新的攻击手段时,只要简单加入新的规则就可以升级Snort。
-In essence, Snort is a network packet sniffer. As long as the rules do not load when running Snort, you can put the network packet is displayed. However, Snort' s real value lies in the data packet through the rules of the process. Snort flexible and powerful language able to network all packets for a full analysis, to decide how to deal with any special data packet. The forms of Snort can choose to ignore, recording, or alarm administrator. There are many records of Snort or alarm, for example, syslog, write documents, write XML format, so send WinPopup messages. With the new means of attack when the time, simply by adding new rules can upgrade Snort.
Platform: |
Size: 5405696 |
Author: betty |
Hits:
Description: A new system for web attack detection is presented. It
follows the anomaly-based approach, therefore known and
unknown attacks can be detected. The system relies on a XML file
to classify the incoming requests as normal or anomalous. The
XML file, which is built from only normal traffic, contains a
description of the normal behavior of the target web application
statistically characterized. Any request which deviates from the
normal behavior is considered an attack. The system has been
applied to protect a real web application. An increasing number of
training requests have been used to train the system. Experiments
show that when the XML file has enough information to closely
characterize the normal behavior of the target web application, a
very high detection rate is reached while the false alarm rate
remains very low.
Platform: |
Size: 688128 |
Author: keerthi |
Hits:
Description: X3-BLOG完美的利用了浏览器的XML解析技术,完全实现数据和界面的分离,使网络传输数据量大大减少,加载速度远远超过了市面上所有的BLOG产 品,有效的减轻了服务器的带宽压力,服务器端使用四大动态网站开发语言中速度最快的ASP.NET(C#)编写,屏弃了传统的控件开发方式,所有执行过程 采用单向流的生成方式,使其对服务器CPU及内存资源的占用降至最低水平,并通过gzip压缩进一步缩减服务器的网络带宽消耗,提高响应速度 。
无Session设计杜绝了用户会话无故丢失的尴尬,客户端关联的会话加密方式带来了用户数据的高安全性,独特的XSL结构设计,彻底消除了跨站脚本攻击的隐患,杜绝恶意代码的执行,同时保证了文章内容的完整性。
-The X3- BLOG using a web browser perfect parsing techniques, fully realize the XML data and interface of separation, greatly reduce the amount of data transmission network, and is far more rapid than the load on the market, the BLOG all products effectively relieve the pressure of server bandwidth, server use four dynamic web development language fastest asp.net (c#) writing, reject the traditional development mode, and the control ChanXiangLiu by the execution of all, make its way to generate the CPU and memory resources server to minimize occupying gzip level, and compressed further server bandwidth consumption, improve the response speed.
No Session design to eliminate the cause of the loss of user Session embarrassed, client connection Session brings user data encryption method of high safety, unique XSL structure design, eliminate the station, eliminate hidden attack script execution, malicious code and ensure the integrity of the content.
Platform: |
Size: 1132544 |
Author: ShiShuguang |
Hits:
Description: PROTECTION AGAINST INPUT MANIPULATION VULNERABILITIES IN SERVICE ORIENTED
ARCHITECTURE
Thesis Submitted in partial fulfillment of the requirements for the degree of MASTER OF TECHNOLOGY in COMPUTER SCIENCE & ENGINEERING – INFORMATION SECURITY by DEEPAK D J
Keywords: Service Oriented Architecture, XML firewall, Web service Attack, Input
manipulation, Denial of service (DOS), XDOS, SQL Injection , SOAP, Web Service
Security.
Platform: |
Size: 920576 |
Author: BARBIESS |
Hits:
Description: 1.方便快捷:采用ASP+XML结构,发布留言速度快,数据结构修改简单;
2.界面大方:专门为商业网站设计的淡蓝色调,可通过配置文件快速修改版面风格,内置三种风格背景;
3.免费支持:免费提供所需图片的PSD源码,让您更加个性化修改,免费的友情技术支持;
4.安全保障:针对现在的网络安全,加入了防注入和防跨站攻击代码。并对录入数据进行脚本过滤。把COOKIE认证改为更为安全的SESSION;
5.安装超简单:全程序只有两个文件,上传到WEB空间只需运行setup.asp就可以进行全部安装,安装后不需任何调试就可以使用;-1. Quick and convenient: the use of ASP+ XML structure, quick release message speed, data structure modification is simple
2. Interface generous: blue tint designed specifically for commercial websites, you can quickly modify the layout style through configuration files, built-in three styles background
3. Free Support: Provides free desired picture PSD source code, allowing you to modify more personalized, friendship free technical support
4. Security: security for today s networks, joined the anti-implantation and anti-cross-site attack code. And data entry script filtering. The COOKIE authentication to safer SESSION
5. Install super-simple: the whole program only two files, uploaded to the WEB space just run setup.asp can be fully installed, after the installation without any debugging can be used
Platform: |
Size: 150528 |
Author: gismy |
Hits:
Description: 采用ASP+XML结构,青春活力的淡蓝色调,可通过配置文件快速修改版面风格,免费提供所需图片的PSD源码,让您更加个性化修改,免费的友情技术支持,针对现在的网络安全,加入了防注入和防跨站攻击代码。-Using ASP+ XML structure, youthful vibrant light blue tone, you can quickly modify the layout style through the configuration file, free PSD source code to provide the required pictures, allowing you to more personalized changes, free friendship technical support for the current network security, Adding anti-injection and anti-cross-site attack code.
Platform: |
Size: 226304 |
Author: eed |
Hits: